Assessing user performance in a community of users of data storage resources

ABSTRACT

According to certain aspects, a method of assessing users of a data storage system can include receiving configuration information relating to a deployed configuration of a first data storage cell and including number of installed data storage hardware and/or software components, the first data storage cell comprising a plurality of client computing devices and being configured to create and store one or more secondary copies of primary data generated by the plurality of client computing devices. The method may also include receiving information relating to an incident opened by a user of the first data storage cell. The method may further include updating a performance metric associated with the user to a new value to reflect a negative impact on the performance metric resulting from the opening of the incident by the user, wherein the degree of the negative impact is based at least in part on the configuration information.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims the benefit of the assignee's U.S. ProvisionalPatent Application No. 61/828,374, filed May 29, 2013 and U.S.Provisional Patent Application No. 61/839,791, filed Jun. 26, 2013.

INCORPORATION BY REFERENCE TO ANY PRIORITY APPLICATIONS

Any and all applications, if any, for which a foreign or domesticpriority claim is identified in the Application Data Sheet of thepresent application are hereby incorporated by reference under 37 CFR1.57.

BACKGROUND

Businesses worldwide recognize the commercial value of their data andseek reliable, cost-effective ways to protect the information stored ontheir computer networks while minimizing impact on productivity.Protecting information is often part of a routine process that isperformed within an organization. A company might back up criticalcomputing systems such as databases, file servers, web servers, and soon as part of a daily, weekly, or monthly maintenance schedule. Thecompany may similarly protect computing systems used by each of itsemployees, such as those used by an accounting department, marketingdepartment, engineering department, and so forth.

Given the rapidly expanding volume of data under management, companiesalso continue to seek innovative techniques for managing data growth, inaddition to protecting data. For instance, companies often implementmigration techniques for moving data to lower cost storage over time anddata reduction techniques for reducing redundant data, pruning lowerpriority data, etc. Enterprises also increasingly view their stored dataas a valuable asset. Along these lines, customers are looking forsolutions that not only protect and manage, but also leverage theirdata. For instance, solutions providing data analysis capabilities,information management, improved data presentation and access features,and the like, are in increasing demand.

SUMMARY

Providers of data storage solutions and other information managementsolutions and services often also provide maintenance and support totheir customers. Some companies provide on-line portals or forums, whichcan provide resources to the customer community for dealing with theprovider's software product, including resources for addressing withmaintenance and support issues. According to certain aspects of thepresent disclosure, systems and methods are described for providing auser community that gives customers a vehicle for dealing withmaintenance, support, and other issues. The user community is providedin connection with one or more information management systems deployedin customer environments. The user community may be an on-line,web-based portal. The user community can provide a variety ofmaintenance and/or support resources to customers, and may be hosted orotherwise operated at the control of the organization that provides theinformation management system and/or services.

The user community may provide a variety of types of resourcesincluding: product support resources (e.g., downloadable softwareupdates, documentation, etc.), incident management resources, an on-lineuser forum, a stored knowledge base (KB), product education resources,etc.

In some cases, certain community users may consume disproportionatelylarge amounts of support resources, such as users that open relativelylarge amounts of incidents, thereby consuming costly support personneltime. Support personnel often expend significant effort in an attempt toeducate certain users on how to address product issues, with the goalbeing for the user to acquire the skills necessary to address futuresimilar issues on their own, without having to rely on expensive humansupport personnel. However, some users do not take advantage ofeducational efforts, and may instead repeatedly open the same types ofincidents. In view of these and other problems, it may be helpful forthe information management system provider and/or the customer toevaluate a user's performance

In order to address these and other challenges, a system according tocertain aspects can be provided to assign a score or ranking for a user(e.g., in connection with the user community). The score or ranking canprovide a useful metric to the information management provider indetermining how to most efficiently interact with that particular usergoing forward. For instance, problem users may be tagged for targetededucational efforts or other remedial action. Moreover, the score orranking can serve as a social incentive for the user to change theirbehavior. As one example, the system can provide select users (e.g.,problem users) with a list of remedial actions they can take to improvetheir score and/or ranking. For example, a score or ranking can beassigned to the user based on a variety of factors, such as the numberof incidents associated with the user, the user's participation in theuser community (e.g., good citizenship activities, educational orproblem resolution contributions, certification, etc.).

A user that opens a fewer number of incidents may generally more helpfuland efficient than a user that opens a large number of incidents. Theuser that opens fewer incidents can probably handle issues relating tothe information management system without involving support of theinformation management system provider than the user that opens moreincidents. Therefore, the number of incidents associated with a user maybe of interest, e.g., to the information management system provider aswell as the customer.

However, a simple comparison of number of incidents may not provide aparticularly effective metric in some cases. Rather, aspects of certainembodiments provided herein include the realization that the true natureof a particular user's performance depends on a large variety ofcontextual factors. For example, the configuration of the informationmanagement system that a user is managing can be highly relevant inevaluating user performance. Two users may be interacting withinformation management systems having completely different hardwareand/or software configurations, corresponding complexity, etc. In such acase, simply counting the number of incidents opened up by each userwill not provide the most useful performance metric for evaluating thetwo users against one another.

Accordingly, certain embodiments provided herein take such contextualfactors into account in evaluating a particular user's performance. Forexample, a company having a large number of deployed informationmanagement hardware and/or software components will, on average,naturally open more incidents than a company having a smaller number ofdeployed components. Accordingly, the information management system maynormalize (e.g., by algorithmic weighting) input data (e.g., number ofopen incidents). Such normalization can be based on a measure that isderived from one or more characteristics associated with theorganization that the user belongs to. As just one example, the numberof open incidents can be normalized based on a number of hardware orsoftware components (e.g., a number of client computing devices)deployed in an information management system environment associated withthe user's organization. In one embodiment, such configurationinformation is obtained electronically from a dedicated agent running onthe particular information management system, which can include a datastorage cell installed at the customer site, for example. In these andother manners, systems described herein can accurately assess therelative performance of users of the information management system.

According to some embodiments, a method of assessing users of a datastorage system is provided. The method can include receiving, with afirst computing device of a data storage system provider, configurationinformation relating to a deployed configuration of a first data storagecell of a plurality of data storage cells and including one or more of:(1) a number of installed data storage hardware components and (2) anumber of installed data storage software components, the plurality ofdata storage cells each located remotely from the first computingdevice, comprising a plurality of client computing devices, and beingconfigured to create and store one or more secondary copies of primarydata generated by the plurality of client computing devices. The methodmay also include receiving information relating to an incident opened bya user of the first data storage cell, the incident corresponding to aninstance where resources of the data storage system provider wereexpended in an attempt to resolve an issue reported by the userassociated with operation of the data storage cell. The method mayfurther include, with the first computing device, updating a performancemetric associated with the user from an initial value to a new value toreflect a negative impact on the performance metric resulting from theopening of the incident by the user, the initial value of theperformance metric based at least in part on one or more previousincidents opened by the user, wherein the degree of the negative impactis based at least in part on the configuration information. The methodcan further include storing the updated performance metric in electronicstorage.

According to certain embodiments, a system may include a plurality ofdata storage cells, each of the plurality of data storage cellscomprising a plurality of client computing devices and configured tocreate and store one or more secondary copies of primary data generatedby the plurality of client computing devices. The system may alsoinclude a first computing device of a data storage system provider, thefirst computing device comprising computer hardware and located remotelyfrom and in communication with the plurality of data storage cells. Thefirst computing device may be configured to receive configurationinformation relating to a deployed configuration of a first data storagecell of the plurality of data storage cells, the configurationinformation including one or more of: (1) a number of installed datastorage hardware components in the first data storage cell and (2) anumber of installed data storage software components in the first datastorage cell. The first computing device may also be configured toreceive information relating to an incident opened by a user of thefirst data storage cell, the incident corresponding to an instance whereresources of the data storage system provider were expended in anattempt to resolve an issue reported by the user associated withoperation of the data storage cell. The first computing device can befurther configured to update a performance metric associated with theuser from an initial value to a new value to reflect a negative impacton the performance metric resulting from the opening of the incident bythe user, the initial value of the performance metric based on one ormore previous incidents opened by the user; wherein the degree of thenegative impact is based at least in part on the configurationinformation. The first computing device can additionally be configuredto store the updated performance metric in electronic storage.

For purposes of summarizing the disclosure, certain aspects, advantagesand novel features of the inventions have been described herein. It isto be understood that not necessarily all such advantages may beachieved in accordance with any particular embodiment of the invention.Thus, the invention may be embodied or carried out in a manner thatachieves or optimizes one advantage or group of advantages as taughtherein without necessarily achieving other advantages as may be taughtor suggested herein.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a block diagram illustrating an exemplary informationmanagement system.

FIG. 1B is a detailed view of a primary storage device, a secondarystorage device, and some examples of primary data and secondary copydata.

FIG. 1C is a block diagram of an exemplary information management systemincluding a storage manager, one or more data agents, and one or moremedia agents.

FIG. 1D is a block diagram illustrating a scalable informationmanagement system.

FIG. 1E illustrates certain secondary copy operations according to anexemplary storage policy.

FIGS. 1F-1H are block diagrams illustrating suitable data structuresthat may be employed by the information management system.

FIGS. 2A-2D depict illustrative graphical user interfaces relating to auser community in connection with information management systems andservices.

FIG. 3 is a block diagram illustrating an exemplary system configured toimplement generation of a score or ranking for users of informationmanagement systems and services, according to an illustrative embodimentof the present invention.

FIG. 3A is a data flow diagram illustrative of the interaction betweenthe various components of the exemplary system configured to implementgeneration of a score or ranking for users of information managementsystems and services, according to an illustrative embodiment of thepresent invention.

FIG. 4 is flow diagram illustrative of one embodiment of a routine forgenerating a score or ranking for users of information managementsystems and services.

DETAILED DESCRIPTION

Systems and methods are disclosed for assessing users of deployedinformation management system componentry and/or services, such as bydetermining a score or ranking for such users. Examples of such systemsand methods are described in further detail herein, in reference toFIGS. 2-4. Components and functionality for generation of a score orranking for users of information management systems and services may beconfigured and/or incorporated into information management systems suchas those described herein in FIGS. 1A-1H.

Information Management System Overview

With the increasing importance of protecting and leveraging data,organizations simply cannot afford to take the risk of losing criticaldata. Moreover, runaway data growth and other modern realities makeprotecting and managing data an increasingly difficult task. There istherefore a need for efficient, powerful, and user-friendly solutionsfor protecting and managing data.

Depending on the size of the organization, there are typically many dataproduction sources which are under the purview of tens, hundreds, oreven thousands of employees or other individuals. In the past,individual employees were sometimes responsible for managing andprotecting their data. A patchwork of hardware and software pointsolutions has been applied in other cases. These solutions were oftenprovided by different vendors and had limited or no interoperability.

Certain embodiments described herein provide systems and methods capableof addressing these and other shortcomings of prior approaches byimplementing unified, organization-wide information management. FIG. 1Ashows one such information management system 100, which generallyincludes combinations of hardware and software configured to protect andmanage data and metadata, which is generated and used by the variouscomputing devices in information management system 100. The organizationthat employs the information management system 100 may be a corporationor other business entity, non-profit organization, educationalinstitution, household, governmental agency, or the like.

Generally, the systems and associated components described herein may becompatible with and/or provide some or all of the functionality of thesystems and corresponding components described in one or more of thefollowing U.S. patents and patent application publications assigned toCommVault Systems, Inc., each of which is hereby incorporated in itsentirety by reference herein:

-   -   U.S. Pat. No. 7,035,880, entitled “Modular Backup and Retrieval        System Used in Conjunction With a Storage Area Network”;    -   U.S. Pat. No. 7,107,298, entitled “System And Method For        Archiving Objects In An Information Store”;    -   U.S. Pat. No. 7,246,207, entitled “System and Method for        Dynamically Performing Storage Operations in a Computer        Network”;    -   U.S. Pat. No. 7,315,923, entitled “System And Method For        Combining Data Streams In Pipelined Storage Operations In A        Storage Network”;    -   U.S. Pat. No. 7,343,453, entitled “Hierarchical Systems and        Methods for Providing a Unified View of Storage Information”;    -   U.S. Pat. No. 7,395,282, entitled “Hierarchical Backup and        Retrieval System”;    -   U.S. Pat. No. 7,529,782, entitled “System and Methods for        Performing a Snapshot and for Restoring Data”;    -   U.S. Pat. No. 7,617,262, entitled “System and Methods for        Monitoring Application Data in a Data Replication System”;    -   U.S. Pat. No. 7,747,579, entitled “Metabase for Facilitating        Data Classification”;    -   U.S. Pat. No. 8,156,086, entitled “Systems And Methods For        Stored Data Verification”;    -   U.S. Pat. No. 8,170,995, entitled “Method and System for Offline        Indexing of Content and Classifying Stored Data”;    -   U.S. Pat. No. 8,229,954, entitled “Managing Copies Of Data”;    -   U.S. Pat. No. 8,230,195, entitled “System And Method For        Performing Auxiliary Storage Operations”;    -   U.S. Pat. No. 8,285,681, entitled “Data Object Store and Server        for a Cloud Storage Environment, Including Data Deduplication        and Data Management Across Multiple Cloud Storage Sites”;    -   U.S. Pat. No. 8,307,177, entitled “Systems And Methods For        Management Of Virtualization Data”;    -   U.S. Pat. No. 8,364,652, entitled “Content-Aligned, Block-Based        Deduplication”;    -   U.S. Pat. No. 8,578,120, entitled “Block-Level Single        Instancing”;    -   U.S. Pat. Pub. No. 2006/0224846, entitled “System and Method to        Support Single Instance Storage Operations”;    -   U.S. Pat. Pub. No. 2009/0319534, entitled “Application-Aware and        Remote Single Instance Data Management”;    -   U.S. Pat. Pub. No. 2012/0150818, entitled “Client-Side        Repository in a Networked Deduplicated Storage System”; and    -   U.S. Pat. Pub. No. 2012/0150826, entitled “Distributed        Deduplicated Storage System”.

The information management system 100 can include a variety of differentcomputing devices. For instance, as will be described in greater detailherein, the information management system 100 can include one or moreclient computing devices 102 and secondary storage computing devices106.

Computing devices can include, without limitation, one or more:workstations, personal computers, desktop computers, or other types ofgenerally fixed computing systems such as mainframe computers andminicomputers. Other computing devices can include mobile or portablecomputing devices, such as one or more laptops, tablet computers,personal data assistants, mobile phones (such as smartphones), and othermobile or portable computing devices such as embedded computers, set topboxes, vehicle-mounted devices, wearable computers, etc. Computingdevices can include servers, such as mail servers, file servers,database servers, and web servers.

In some cases, a computing device includes virtualized and/or cloudcomputing resources. For instance, one or more virtual machines may beprovided to the organization by a third-party cloud service vendor. Or,in some embodiments, computing devices can include one or more virtualmachine(s) running on a physical host computing device (or “hostmachine”) operated by the organization. As one example, the organizationmay use one virtual machine as a database server and another virtualmachine as a mail server, both virtual machines operating on the samehost machine.

A virtual machine includes an operating system and associated virtualresources, and is hosted simultaneously with another operating system ona physical host computer (or host machine). A hypervisor (typicallysoftware, and also known in the art as a virtual machine monitor or avirtual machine manager or “VMM”) sits between the virtual machine andthe hardware of the physical host machine. One example of hypervisor asvirtualization software is ESX Server, by VMware, Inc. of Palo Alto,Calif.; other examples include Microsoft Virtual Server and MicrosoftWindows Server Hyper-V, both by Microsoft Corporation of Redmond, Wash.,and Sun xVM by Oracle America Inc. of Santa Clara, Calif. In someembodiments, the hypervisor may be firmware or hardware or a combinationof software and/or firmware and/or hardware.

The hypervisor provides to each virtual operating system virtualresources, such as a virtual processor, virtual memory, a virtualnetwork device, and a virtual disk. Each virtual machine has one or morevirtual disks. The hypervisor typically stores the data of virtual disksin files on the file system of the physical host machine, called virtualmachine disk files (in the case of VMware virtual servers) or virtualhard disk image files (in the case of Microsoft virtual servers). Forexample, VMware's ESX Server provides the Virtual Machine File System(VMFS) for the storage of virtual machine disk files. A virtual machinereads data from and writes data to its virtual disk much the same waythat an actual physical machine reads data from and writes data to anactual disk.

Examples of techniques for implementing information managementtechniques in a cloud computing environment are described in U.S. Pat.No. 8,285,681, which is incorporated by reference herein. Examples oftechniques for implementing information management techniques in avirtualized computing environment are described in U.S. Pat. No.8,307,177, also incorporated by reference herein.

The information management system 100 can also include a variety ofstorage devices, including primary storage devices 104 and secondarystorage devices 108, for example. Storage devices can generally be ofany suitable type including, without limitation, disk drives, hard-diskarrays, semiconductor memory (e.g., solid state storage devices),network attached storage (NAS) devices, tape libraries or othermagnetic, non-tape storage devices, optical media storage devices,DNA/RNA-based memory technology, combinations of the same, and the like.In some embodiments, storage devices can form part of a distributed filesystem. In some cases, storage devices are provided in a cloud (e.g., aprivate cloud or one operated by a third-party vendor). A storage devicein some cases comprises a disk array or portion thereof.

The illustrated information management system 100 includes one or moreclient computing device 102 having at least one application 110executing thereon, and one or more primary storage devices 104 storingprimary data 112. The client computing device(s) 102 and the primarystorage devices 104 may generally be referred to in some cases as aprimary storage subsystem 117. A computing device in an informationmanagement system 100 that has a data agent 142 installed and operatingon it is generally referred to as a client computing device 102 (or, inthe context of a component of the information management system 100simply as a “client”).

Depending on the context, the term “information management system” canrefer to generally all of the illustrated hardware and softwarecomponents. Or, in other instances, the term may refer to only a subsetof the illustrated components.

For instance, in some cases, the information management system 100generally refers to a combination of specialized components used toprotect, move, manage, manipulate, analyze, and/or process data andmetadata generated by the client computing devices 102. However, theinformation management system 100 in some cases does not include theunderlying components that generate and/or store the primary data 112,such as the client computing devices 102 themselves, the applications110 and operating system operating on the client computing devices 102,and the primary storage devices 104. As an example, “informationmanagement system” may sometimes refer to one or more of the followingcomponents and corresponding data structures: storage managers, dataagents, and media agents. These components will be described in furtherdetail below.

Client Computing Devices

There are typically a variety of sources in an organization that producedata to be protected and managed. As just one illustrative example, in acorporate environment such data sources can be employee workstations andcompany servers such as a mail server, a web server, a database server,a transaction server, or the like. In the information management system100, the data generation sources include the one or more clientcomputing devices 102.

The client computing devices 102 may include any of the types ofcomputing devices described above, without limitation, and in some casesthe client computing devices 102 are associated with one or more usersand/or corresponding user accounts, of employees or other individuals.

The information management system 100 generally addresses and handlesthe data management and protection needs for the data generated by theclient computing devices 102. However, the use of this term does notimply that the client computing devices 102 cannot be “servers” in otherrespects. For instance, a particular client computing device 102 may actas a server with respect to other devices, such as other clientcomputing devices 102. As just a few examples, the client computingdevices 102 can include mail servers, file servers, database servers,and web servers.

Each client computing device 102 may have one or more applications 110(e.g., software applications) executing thereon which generate andmanipulate the data that is to be protected from loss and managed. Theapplications 110 generally facilitate the operations of an organization(or multiple affiliated organizations), and can include, withoutlimitation, mail server applications (e.g., Microsoft Exchange Server),file server applications, mail client applications (e.g., MicrosoftExchange Client), database applications (e.g., SQL, Oracle, SAP, LotusNotes Database), word processing applications (e.g., Microsoft Word),spreadsheet applications, financial applications, presentationapplications, graphics and/or video applications, browser applications,mobile applications, entertainment applications, and so on.

The client computing devices 102 can have at least one operating system(e.g., Microsoft Windows, Mac OS X, iOS, IBM z/OS, Linux, otherUnix-based operating systems, etc.) installed thereon, which may supportor host one or more file systems and other applications 110.

The client computing devices 102 and other components in informationmanagement system 100 can be connected to one another via one or morecommunication pathways 114. For example, a first communication pathway114 may connect (or communicatively couple) client computing device 102and secondary storage computing device 106; a second communicationpathway 114 may connect storage manager 140 and client computing device102; and a third communication pathway 114 may connect storage manager140 and secondary storage computing device 106, etc. (see, e.g., FIG. 1Aand FIG. 1C). The communication pathways 114 can include one or morenetworks or other connection types including one or more of thefollowing, without limitation: the Internet, a wide area network (WAN),a local area network (LAN), a Storage Area Network (SAN), a FibreChannel connection, a Small Computer System Interface (SCSI) connection,a virtual private network (VPN), a token ring or TCP/IP based network,an intranet network, a point-to-point link, a cellular network, awireless data transmission system, a two-way cable system, aninteractive kiosk network, a satellite network, a broadband network, abaseband network, a neural network, a mesh network, an ad hoc network,other appropriate wired, wireless, or partially wired/wireless computeror telecommunications networks, combinations of the same or the like.The communication pathways 114 in some cases may also includeapplication programming interfaces (APIs) including, e.g., cloud serviceprovider APIs, virtual machine management APIs, and hosted serviceprovider APIs. The underlying infrastructure of communication paths 114may be wired and/or wireless, analog and/or digital, or any combinationthereof; and the facilities used may be private, public, third-partyprovided, or any combination thereof, without limitation.

Primary Data and Exemplary Primary Storage Devices

Primary data 112 according to some embodiments is production data orother “live” data generated by the operating system and/or applications110 operating on a client computing device 102. The primary data 112 isgenerally stored on the primary storage device(s) 104 and is organizedvia a file system supported by the client computing device 102. Forinstance, the client computing device(s) 102 and correspondingapplications 110 may create, access, modify, write, delete, andotherwise use primary data 112. In some cases, some or all of theprimary data 112 can be stored in cloud storage resources (e.g., primarystorage device 104 may be a cloud-based resource).

Primary data 112 is generally in the native format of the sourceapplication 110. According to certain aspects, primary data 112 is aninitial or first (e.g., created before any other copies or before atleast one other copy) stored copy of data generated by the sourceapplication 110. Primary data 112 in some cases is created substantiallydirectly from data generated by the corresponding source applications110.

The primary storage devices 104 storing the primary data 112 may berelatively fast and/or expensive technology (e.g., a disk drive, ahard-disk array, solid state memory, etc.). In addition, primary data112 may be highly changeable and/or may be intended for relatively shortterm retention (e.g., hours, days, or weeks).

According to some embodiments, the client computing device 102 canaccess primary data 112 from the primary storage device 104 by makingconventional file system calls via the operating system. Primary data112 may include structured data (e.g., database files), unstructureddata (e.g., documents), and/or semi-structured data. Some specificexamples are described below with respect to FIG. 1B.

It can be useful in performing certain tasks to organize the primarydata 112 into units of different granularities. In general, primary data112 can include files, directories, file system volumes, data blocks,extents, or any other hierarchies or organizations of data objects. Asused herein, a “data object” can refer to both (1) any file that iscurrently addressable by a file system or that was previouslyaddressable by the file system (e.g., an archive file) and (2) a subsetof such a file (e.g., a data block).

As will be described in further detail, it can also be useful inperforming certain functions of the information management system 100 toaccess and modify metadata within the primary data 112. Metadatagenerally includes information about data objects or characteristicsassociated with the data objects. For simplicity herein, it is to beunderstood that, unless expressly stated otherwise, any reference toprimary data 112 generally also includes its associated metadata, butreferences to the metadata do not include the primary data.

Metadata can include, without limitation, one or more of the following:the data owner (e.g., the client or user that generates the data), thelast modified time (e.g., the time of the most recent modification ofthe data object), a data object name (e.g., a file name), a data objectsize (e.g., a number of bytes of data), information about the content(e.g., an indication as to the existence of a particular search term),user-supplied tags, to/from information for email (e.g., an emailsender, recipient, etc.), creation date, file type (e.g., format orapplication type), last accessed time, application type (e.g., type ofapplication that generated the data object), location/network (e.g., acurrent, past or future location of the data object and network pathwaysto/from the data object), geographic location (e.g., GPS coordinates),frequency of change (e.g., a period in which the data object ismodified), business unit (e.g., a group or department that generates,manages or is otherwise associated with the data object), aginginformation (e.g., a schedule, such as a time period, in which the dataobject is migrated to secondary or long term storage), boot sectors,partition layouts, file location within a file folder directorystructure, user permissions, owners, groups, access control lists[ACLS]), system metadata (e.g., registry information), combinations ofthe same or other similar information related to the data object.

In addition to metadata generated by or related to file systems andoperating systems, some of the applications 110 and/or other componentsof the information management system 100 maintain indices of metadatafor data objects, e.g., metadata associated with individual emailmessages. Thus, each data object may be associated with correspondingmetadata. The use of metadata to perform classification and otherfunctions is described in greater detail below.

Each of the client computing devices 102 are generally associated withand/or in communication with one or more of the primary storage devices104 storing corresponding primary data 112. A client computing device102 may be considered to be “associated with” or “in communication with”a primary storage device 104 if it is capable of one or more of: routingand/or storing data (e.g., primary data 112) to the particular primarystorage device 104, coordinating the routing and/or storing of data tothe particular primary storage device 104, retrieving data from theparticular primary storage device 104, coordinating the retrieval ofdata from the particular primary storage device 104, and modifyingand/or deleting data retrieved from the particular primary storagedevice 104.

The primary storage devices 104 can include any of the different typesof storage devices described above, or some other kind of suitablestorage device. The primary storage devices 104 may have relatively fastI/O times and/or are relatively expensive in comparison to the secondarystorage devices 108. For example, the information management system 100may generally regularly access data and metadata stored on primarystorage devices 104, whereas data and metadata stored on the secondarystorage devices 108 is accessed relatively less frequently.

Primary storage device 104 may be dedicated or shared. In some cases,each primary storage device 104 is dedicated to an associated clientcomputing device 102. For instance, a primary storage device 104 in oneembodiment is a local disk drive of a corresponding client computingdevice 102. In other cases, one or more primary storage devices 104 canbe shared by multiple client computing devices 102, e.g., via a networksuch as in a cloud storage implementation. As one example, a primarystorage device 104 can be a disk array shared by a group of clientcomputing devices 102, such as one of the following types of diskarrays: EMC Clariion, EMC Symmetrix, EMC Celerra, Dell EqualLogic, IBMXIV, NetApp FAS, HP EVA, and HP 3PAR.

The information management system 100 may also include hosted services(not shown), which may be hosted in some cases by an entity other thanthe organization that employs the other components of the informationmanagement system 100. For instance, the hosted services may be providedby various online service providers to the organization. Such serviceproviders can provide services including social networking services,hosted email services, or hosted productivity applications or otherhosted applications). Hosted services may include software-as-a-service(SaaS), platform-as-a-service (PaaS), application service providers(ASPS), cloud services, or other mechanisms for delivering functionalityvia a network. As it provides services to users, each hosted service maygenerate additional data and metadata under management of theinformation management system 100, e.g., as primary data 112. In somecases, the hosted services may be accessed using one of the applications110. As an example, a hosted mail service may be accessed via browserrunning on a client computing device 102. The hosted services may beimplemented in a variety of computing environments. In some cases, theyare implemented in an environment having a similar arrangement to theinformation management system 100, where various physical and logicalcomponents are distributed over a network.

Secondary Copies and Exemplary Secondary Storage Devices

The primary data 112 stored on the primary storage devices 104 may becompromised in some cases, such as when an employee deliberately oraccidentally deletes or overwrites primary data 112 during their normalcourse of work. Or the primary storage devices 104 can be damaged, lost,or otherwise corrupted. For recovery and/or regulatory compliancepurposes, it is therefore useful to generate copies of the primary data112. Accordingly, the information management system 100 includes one ormore secondary storage computing devices 106 and one or more secondarystorage devices 108 configured to create and store one or more secondarycopies 116 of the primary data 112 and associated metadata. Thesecondary storage computing devices 106 and the secondary storagedevices 108 may sometimes be referred to as a secondary storagesubsystem 118.

Creation of secondary copies 116 can help in search and analysis effortsand meet other information management goals, such as: restoring dataand/or metadata if an original version (e.g., of primary data 112) islost (e.g., by deletion, corruption, or disaster); allowingpoint-in-time recovery; complying with regulatory data retention andelectronic discovery (e-discovery) requirements; reducing utilizedstorage capacity; facilitating organization and search of data;improving user access to data files across multiple computing devicesand/or hosted services; and implementing data retention policies.

The client computing devices 102 access or receive primary data 112 andcommunicate the data, e.g., over one or more communication pathways 114,for storage in the secondary storage device(s) 108.

A secondary copy 116 can comprise a separate stored copy of applicationdata that is derived from one or more earlier-created, stored copies(e.g., derived from primary data 112 or another secondary copy 116).Secondary copies 116 can include point-in-time data, and may be intendedfor relatively long-term retention (e.g., weeks, months or years),before some or all of the data is moved to other storage or isdiscarded.

In some cases, a secondary copy 116 is a copy of application datacreated and stored subsequent to at least one other stored instance(e.g., subsequent to corresponding primary data 112 or to anothersecondary copy 116), in a different storage device than at least oneprevious stored copy, and/or remotely from at least one previous storedcopy. In some other cases, secondary copies can be stored in the samestorage device as primary data 112 and/or other previously storedcopies. For example, in one embodiment a disk array capable ofperforming hardware snapshots stores primary data 112 and creates andstores hardware snapshots of the primary data 112 as secondary copies116. Secondary copies 116 may be stored in relatively slow and/or lowcost storage (e.g., magnetic tape). A secondary copy 116 may be storedin a backup or archive format, or in some other format different thanthe native source application format or other primary data format.

In some cases, secondary copies 116 are indexed so users can browse andrestore at another point in time. After creation of a secondary copy 116representative of certain primary data 112, a pointer or other locationindicia (e.g., a stub) may be placed in primary data 112, or beotherwise associated with primary data 112 to indicate the currentlocation on the secondary storage device(s) 108 of secondary copy 116.

Since an instance of a data object or metadata in primary data 112 maychange over time as it is modified by an application 110 (or hostedservice or the operating system), the information management system 100may create and manage multiple secondary copies 116 of a particular dataobject or metadata, each representing the state of the data object inprimary data 112 at a particular point in time. Moreover, since aninstance of a data object in primary data 112 may eventually be deletedfrom the primary storage device 104 and the file system, the informationmanagement system 100 may continue to manage point-in-timerepresentations of that data object, even though the instance in primarydata 112 no longer exists.

For virtualized computing devices the operating system and otherapplications 110 of the client computing device(s) 102 may executewithin or under the management of virtualization software (e.g., a VMM),and the primary storage device(s) 104 may comprise a virtual diskcreated on a physical storage device. The information management system100 may create secondary copies 116 of the files or other data objectsin a virtual disk file and/or secondary copies 116 of the entire virtualdisk file itself (e.g., of an entire .vmdk file).

Secondary copies 116 may be distinguished from corresponding primarydata 112 in a variety of ways, some of which will now be described.First, as discussed, secondary copies 116 can be stored in a differentformat (e.g., backup, archive, or other non-native format) than primarydata 112. For this or other reasons, secondary copies 116 may not bedirectly useable by the applications 110 of the client computing device102, e.g., via standard system calls or otherwise without modification,processing, or other intervention by the information management system100.

Secondary copies 116 are also in some embodiments stored on a secondarystorage device 108 that is inaccessible to the applications 110 runningon the client computing devices 102 (and/or hosted services). Somesecondary copies 116 may be “offline copies,” in that they are notreadily available (e.g., not mounted to tape or disk). Offline copiescan include copies of data that the information management system 100can access without human intervention (e.g., tapes within an automatedtape library, but not yet mounted in a drive), and copies that theinformation management system 100 can access only with at least somehuman intervention (e.g., tapes located at an offsite storage site).

The Use of Intermediate Devices for Creating Secondary Copies

Creating secondary copies can be a challenging task. For instance, therecan be hundreds or thousands of client computing devices 102 continuallygenerating large volumes of primary data 112 to be protected. Also,there can be significant overhead involved in the creation of secondarycopies 116. Moreover, secondary storage devices 108 may be specialpurpose components, and interacting with them can require specializedintelligence.

In some cases, the client computing devices 102 interact directly withthe secondary storage device 108 to create the secondary copies 116.However, in view of the factors described above, this approach cannegatively impact the ability of the client computing devices 102 toserve the applications 110 and produce primary data 112. Further, theclient computing devices 102 may not be optimized for interaction withthe secondary storage devices 108.

Thus, in some embodiments, the information management system 100includes one or more software and/or hardware components which generallyact as intermediaries between the client computing devices 102 and thesecondary storage devices 108. In addition to off-loading certainresponsibilities from the client computing devices 102, theseintermediate components can provide other benefits. For instance, asdiscussed further below with respect to FIG. 1D, distributing some ofthe work involved in creating secondary copies 116 can enhancescalability.

The intermediate components can include one or more secondary storagecomputing devices 106 as shown in FIG. 1A and/or one or more mediaagents, which can be software modules operating on correspondingsecondary storage computing devices 106 (or other appropriate computingdevices). Media agents are discussed below (e.g., with respect to FIGS.1C-1E).

The secondary storage computing device(s) 106 can comprise any of thecomputing devices described above, without limitation. In some cases,the secondary storage computing device(s) 106 include specializedhardware and/or software componentry for interacting with the secondarystorage devices 108.

To create a secondary copy 116 involving the copying of data from theprimary storage subsystem 117 to the secondary storage subsystem 118,the client computing device 102 in some embodiments communicates theprimary data 112 to be copied (or a processed version thereof) to thedesignated secondary storage computing device 106, via the communicationpathway 114. The secondary storage computing device 106 in turn conveysthe received data (or a processed version thereof) to the secondarystorage device 108. In some such configurations, the communicationpathway 114 between the client computing device 102 and the secondarystorage computing device 106 comprises a portion of a LAN, WAN or SAN.In other cases, at least some client computing devices 102 communicatedirectly with the secondary storage devices 108 (e.g., via Fibre Channelor SCSI connections). In some other cases, one or more secondary copies116 are created from existing secondary copies, such as in the case ofan auxiliary copy operation, described in greater detail below.

Exemplary Primary Data and an Exemplary Secondary Copy

FIG. 1B is a detailed view showing some specific examples of primarydata stored on the primary storage device(s) 104 and secondary copy datastored on the secondary storage device(s) 108, with other components inthe system removed for the purposes of illustration. Stored on theprimary storage device(s) 104 are primary data objects including wordprocessing documents 119A-B, spreadsheets 120, presentation documents122, video files 124, image files 126, email mailboxes 128 (andcorresponding email messages 129A-C), html/xml or other types of markuplanguage files 130, databases 132 and corresponding tables or other datastructures 133A-133C).

Some or all primary data objects are associated with correspondingmetadata (e.g., “Meta1-11”), which may include file system metadataand/or application specific metadata. Stored on the secondary storagedevice(s) 108 are secondary copy data objects 134A-C which may includecopies of or otherwise represent corresponding primary data objects andmetadata.

As shown, the secondary copy data objects 134A-C can individuallyrepresent more than one primary data object. For example, secondary copydata object 134A represents three separate primary data objects 133C,122, and 129C (represented as 133C′, 122′, and 129C′, respectively, andaccompanied by the corresponding metadata Meta11, Meta3, and Meta8,respectively). Moreover, as indicated by the prime mark (′), a secondarycopy object may store a representation of a primary data object and/ormetadata differently than the original format, e.g., in a compressed,encrypted, deduplicated, or other modified format. Likewise, secondarydata object 134B represents primary data objects 120, 133B, and 119A as120′, 133B′, and 119A′, respectively and accompanied by correspondingmetadata Meta2, Meta10, and Meta1, respectively. Also, secondary dataobject 134C represents primary data objects 133A, 119B, and 129A as133A′, 119B′, and 129A′, respectively, accompanied by correspondingmetadata Meta9, Meta5, and Meta6, respectively.

Exemplary Information Management System Architecture

The information management system 100 can incorporate a variety ofdifferent hardware and software components, which can in turn beorganized with respect to one another in many different configurations,depending on the embodiment. There are critical design choices involvedin specifying the functional responsibilities of the components and therole of each component in the information management system 100. Forinstance, as will be discussed, such design choices can impactperformance as well as the adaptability of the information managementsystem 100 to data growth or other changing circumstances.

FIG. 1C shows an information management system 100 designed according tothese considerations and which includes: storage manager 140, acentralized storage and/or information manager that is configured toperform certain control functions, one or more data agents 142 executingon the client computing device(s) 102 configured to process primary data112, and one or more media agents 144 executing on the one or moresecondary storage computing devices 106 for performing tasks involvingthe secondary storage devices 108. While distributing functionalityamongst multiple computing devices can have certain advantages, in othercontexts it can be beneficial to consolidate functionality on the samecomputing device. As such, in various other embodiments, one or more ofthe components shown in FIG. 1C as being implemented on separatecomputing devices are implemented on the same computing device. In oneconfiguration, a storage manager 140, one or more data agents 142, andone or more media agents 144 are all implemented on the same computingdevice. In another embodiment, one or more data agents 142 and one ormore media agents 144 are implemented on the same computing device,while the storage manager 140 is implemented on a separate computingdevice, etc. without limitation.

Storage Manager

As noted, the number of components in the information management system100 and the amount of data under management can be quite large. Managingthe components and data is therefore a significant task, and a task thatcan grow in an often unpredictable fashion as the quantity of componentsand data scale to meet the needs of the organization. For these andother reasons, according to certain embodiments, responsibility forcontrolling the information management system 100, or at least asignificant portion of that responsibility, is allocated to the storagemanager 140. By distributing control functionality in this manner, thestorage manager 140 can be adapted independently according to changingcircumstances. Moreover, a computing device for hosting the storagemanager 140 can be selected to best suit the functions of the storagemanager 140. These and other advantages are described in further detailbelow with respect to FIG. 1D.

The storage manager 140 may be a software module or other application,which, in some embodiments operates in conjunction with one or moreassociated data structures, e.g., a dedicated database (e.g., managementdatabase 146). In some embodiments, storage manager 140 is a computingdevice comprising circuitry for executing computer instructions andperforms the functions described herein. The storage manager generallyinitiates, performs, coordinates and/or controls storage and otherinformation management operations performed by the informationmanagement system 100, e.g., to protect and control the primary data 112and secondary copies 116 of data and metadata. In general, storagemanager 100 may be said to manage information management system 100,which includes managing the constituent components, e.g., data agentsand media agents, etc.

As shown by the dashed arrowed lines 114 in FIG. 1C, the storage manager140 may communicate with and/or control some or all elements of theinformation management system 100, such as the data agents 142 and mediaagents 144. Thus, in certain embodiments, control information originatesfrom the storage manager 140 and status reporting is transmitted tostorage manager 140 by the various managed components, whereas payloaddata and payload metadata is generally communicated between the dataagents 142 and the media agents 144 (or otherwise between the clientcomputing device(s) 102 and the secondary storage computing device(s)106), e.g., at the direction of and under the management of the storagemanager 140. Control information can generally include parameters andinstructions for carrying out information management operations, suchas, without limitation, instructions to perform a task associated withan operation, timing information specifying when to initiate a taskassociated with an operation, data path information specifying whatcomponents to communicate with or access in carrying out an operation,and the like. Payload data, on the other hand, can include the actualdata involved in the storage operation, such as content data written toa secondary storage device 108 in a secondary copy operation. Payloadmetadata can include any of the types of metadata described herein, andmay be written to a storage device along with the payload content data(e.g., in the form of a header).

In other embodiments, some information management operations arecontrolled by other components in the information management system 100(e.g., the media agent(s) 144 or data agent(s) 142), instead of or incombination with the storage manager 140.

According to certain embodiments, the storage manager 140 provides oneor more of the following functions:

-   -   initiating execution of secondary copy operations;    -   managing secondary storage devices 108 and inventory/capacity of        the same;    -   reporting, searching, and/or classification of data in the        information management system 100;    -   allocating secondary storage devices 108 for secondary storage        operations;    -   monitoring completion of and providing status reporting related        to secondary storage operations;    -   tracking age information relating to secondary copies 116,        secondary storage devices 108, and comparing the age information        against retention guidelines;    -   tracking movement of data within the information management        system 100;    -   tracking logical associations between components in the        information management system 100;    -   protecting metadata associated with the information management        system 100; and    -   implementing operations management functionality.

The storage manager 140 may maintain a database 146 (or “storage managerdatabase 146” or “management database 146”) of management-related dataand information management policies 148. The database 146 may include amanagement index 150 (or “index 150”) or other data structure thatstores logical associations between components of the system, userpreferences and/or profiles (e.g., preferences regarding encryption,compression, or deduplication of primary or secondary copy data,preferences regarding the scheduling, type, or other aspects of primaryor secondary copy or other operations, mappings of particularinformation management users or user accounts to certain computingdevices or other components, etc.), management tasks, mediacontainerization, or other useful data. For example, the storage manager140 may use the index 150 to track logical associations between mediaagents 144 and secondary storage devices 108 and/or movement of datafrom primary storage devices 104 to secondary storage devices 108. Forinstance, the index 150 may store data associating a client computingdevice 102 with a particular media agent 144 and/or secondary storagedevice 108, as specified in an information management policy 148 (e.g.,a storage policy, which is defined in more detail below).

Administrators and other people may be able to configure and initiatecertain information management operations on an individual basis. Butwhile this may be acceptable for some recovery operations or otherrelatively less frequent tasks, it is often not workable forimplementing on-going organization-wide data protection and management.Thus, the information management system 100 may utilize informationmanagement policies 148 for specifying and executing informationmanagement operations (e.g., on an automated basis). Generally, aninformation management policy 148 can include a data structure or otherinformation source that specifies a set of parameters (e.g., criteriaand rules) associated with storage or other information managementoperations.

The storage manager database 146 may maintain the information managementpolicies 148 and associated data, although the information managementpolicies 148 can be stored in any appropriate location. For instance, aninformation management policy 148 such as a storage policy may be storedas metadata in a media agent database 152 or in a secondary storagedevice 108 (e.g., as an archive copy) for use in restore operations orother information management operations, depending on the embodiment.Information management policies 148 are described further below.

According to certain embodiments, the storage manager database 146comprises a relational database (e.g., an SQL database) for trackingmetadata, such as metadata associated with secondary copy operations(e.g., what client computing devices 102 and corresponding data wereprotected). This and other metadata may additionally be stored in otherlocations, such as at the secondary storage computing devices 106 or onthe secondary storage devices 108, allowing data recovery without theuse of the storage manager 140 in some cases.

As shown, the storage manager 140 may include a jobs agent 156, a userinterface 158, and a management agent 154, all of which may beimplemented as interconnected software modules or application programs.

The jobs agent 156 in some embodiments initiates, controls, and/ormonitors the status of some or all storage or other informationmanagement operations previously performed, currently being performed,or scheduled to be performed by the information management system 100.For instance, the jobs agent 156 may access information managementpolicies 148 to determine when and how to initiate and control secondarycopy and other information management operations, as will be discussedfurther.

The user interface 158 may include information processing and displaysoftware, such as a graphical user interface (“GUI”), an applicationprogram interface (“API”), or other interactive interface(s) throughwhich users and system processes can retrieve information about thestatus of information management operations (e.g., storage operations)or issue instructions to the information management system 100 and itsconstituent components. Via the user interface 158, users may optionallyissue instructions to the components in the information managementsystem 100 regarding performance of storage and recovery operations. Forexample, a user may modify a schedule concerning the number of pendingsecondary copy operations. As another example, a user may employ the GUIto view the status of pending storage operations or to monitor thestatus of certain components in the information management system 100(e.g., the amount of capacity left in a storage device).

An “information management cell” (or “storage operation cell” or “cell”)may generally include a logical and/or physical grouping of acombination of hardware and software components associated withperforming information management operations on electronic data,typically one storage manager 140 and at least one client computingdevice 102 (comprising data agent(s) 142) and at least one media agent144. For instance, the components shown in FIG. 1C may together form aninformation management cell. Multiple cells may be organizedhierarchically. With this configuration, cells may inherit propertiesfrom hierarchically superior cells or be controlled by other cells inthe hierarchy (automatically or otherwise). Alternatively, in someembodiments, cells may inherit or otherwise be associated withinformation management policies, preferences, information managementmetrics, or other properties or characteristics according to theirrelative position in a hierarchy of cells. Cells may also be delineatedand/or organized hierarchically according to function, geography,architectural considerations, or other factors useful or desirable inperforming information management operations. A first cell may representa geographic segment of an enterprise, such as a Chicago office, and asecond cell may represent a different geographic segment, such as a NewYork office. Other cells may represent departments within a particularoffice. Where delineated by function, a first cell may perform one ormore first types of information management operations (e.g., one or morefirst types of secondary or other copies), and a second cell may performone or more second types of information management operations (e.g., oneor more second types of secondary or other copies).

The storage manager 140 may also track information that permits it toselect, designate, or otherwise identify content indices, deduplicationdatabases, or similar databases or resources or data sets within itsinformation management cell (or another cell) to be searched in responseto certain queries. Such queries may be entered by the user viainteraction with the user interface 158. In general, the managementagent 154 allows multiple information management cells to communicatewith one another. For example, the information management system 100 insome cases may be one information management cell of a network ofmultiple cells adjacent to one another or otherwise logically related ina WAN or LAN. With this arrangement, the cells may be connected to oneanother through respective management agents 154.

For instance, the management agent 154 can provide the storage manager140 with the ability to communicate with other components within theinformation management system 100 (and/or other cells within a largerinformation management system) via network protocols and applicationprogramming interfaces (“APIs”) including, e.g., HTTP, HTTPS, FTP, REST,virtualization software APIs, cloud service provider APIs, and hostedservice provider APIs. Inter-cell communication and hierarchy isdescribed in greater detail in e.g., U.S. Pat. Nos. 7,747,579 and7,343,453, which are incorporated by reference herein.

Data Agents

As discussed, a variety of different types of applications 110 canoperate on a given client computing device 102, including operatingsystems, database applications, e-mail applications, and virtualmachines, just to name a few. And, as part of the process of creatingand restoring secondary copies 116, the client computing devices 102 maybe tasked with processing and preparing the primary data 112 from thesevarious different applications 110. Moreover, the nature of theprocessing/preparation can differ across clients and application types,e.g., due to inherent structural and formatting differences amongapplications 110.

The one or more data agent(s) 142 are therefore advantageouslyconfigured in some embodiments to assist in the performance ofinformation management operations based on the type of data that isbeing protected, at a client-specific and/or application-specific level.

The data agent 142 may be a software module or component that isgenerally responsible for managing, initiating, or otherwise assistingin the performance of information management operations in informationmanagement system 100, generally as directed by storage manager 140. Forinstance, the data agent 142 may take part in performing data storageoperations such as the copying, archiving, migrating, and/or replicatingof primary data 112 stored in the primary storage device(s) 104. Thedata agent 142 may receive control information from the storage manager140, such as commands to transfer copies of data objects, metadata, andother payload data to the media agents 144.

In some embodiments, a data agent 142 may be distributed between theclient computing device 102 and storage manager 140 (and any otherintermediate components) or may be deployed from a remote location orits functions approximated by a remote process that performs some or allof the functions of data agent 142. In addition, a data agent 142 mayperform some functions provided by a media agent 144, or may performother functions such as encryption and deduplication.

As indicated, each data agent 142 may be specialized for a particularapplication 110, and the system can employ multiple application-specificdata agents 142, each of which may perform information managementoperations (e.g., perform backup, migration, and data recovery)associated with a different application 110. For instance, differentindividual data agents 142 may be designed to handle Microsoft Exchangedata, Lotus Notes data, Microsoft Windows file system data, MicrosoftActive Directory Objects data, SQL Server data, SharePoint data, Oracledatabase data, SAP database data, virtual machines and/or associateddata, and other types of data.

A file system data agent, for example, may handle data files and/orother file system information. If a client computing device 102 has twoor more types of data, a specialized data agent 142 may be used for eachdata type to copy, archive, migrate, and restore the client computingdevice 102 data. For example, to backup, migrate, and/or restore all ofthe data on a Microsoft Exchange server, the client computing device 102may use a Microsoft Exchange Mailbox data agent 142 to back up theExchange mailboxes, a Microsoft Exchange Database data agent 142 to backup the Exchange databases, a Microsoft Exchange Public Folder data agent142 to back up the Exchange Public Folders, and a Microsoft Windows FileSystem data agent 142 to back up the file system of the client computingdevice 102. In such embodiments, these specialized data agents 142 maybe treated as four separate data agents 142 even though they operate onthe same client computing device 102.

Other embodiments may employ one or more generic data agents 142 thatcan handle and process data from two or more different applications 110,or that can handle and process multiple data types, instead of or inaddition to using specialized data agents 142. For example, one genericdata agent 142 may be used to back up, migrate and restore MicrosoftExchange Mailbox data and Microsoft Exchange Database data while anothergeneric data agent may handle Microsoft Exchange Public Folder data andMicrosoft Windows File System data.

Each data agent 142 may be configured to access data and/or metadatastored in the primary storage device(s) 104 associated with the dataagent 142 and process the data as appropriate. For example, during asecondary copy operation, the data agent 142 may arrange or assemble thedata and metadata into one or more files having a certain format (e.g.,a particular backup or archive format) before transferring the file(s)to a media agent 144 or other component. The file(s) may include a listof files or other metadata. Each data agent 142 can also assist inrestoring data or metadata to primary storage devices 104 from asecondary copy 116. For instance, the data agent 142 may operate inconjunction with the storage manager 140 and one or more of the mediaagents 144 to restore data from secondary storage device(s) 108.

Media Agents

As indicated above with respect to FIG. 1A, off-loading certainresponsibilities from the client computing devices 102 to intermediatecomponents such as the media agent(s) 144 can provide a number ofbenefits including improved client computing device 102 operation,faster secondary copy operation performance, and enhanced scalability.In one specific example which will be discussed below in further detail,the media agent 144 can act as a local cache of copied data and/ormetadata that it has stored to the secondary storage device(s) 108,providing improved restore capabilities.

Generally speaking, a media agent 144 may be implemented as a softwaremodule that manages, coordinates, and facilitates the transmission ofdata, as directed by the storage manager 140, between a client computingdevice 102 and one or more secondary storage devices 108. Whereas thestorage manager 140 controls the operation of the information managementsystem 100, the media agent 144 generally provides a portal to secondarystorage devices 108. For instance, other components in the systeminteract with the media agents 144 to gain access to data stored on thesecondary storage devices 108, whether it be for the purposes ofreading, writing, modifying, or deleting data. Moreover, as will bedescribed further, media agents 144 can generate and store informationrelating to characteristics of the stored data and/or metadata, or cangenerate and store other types of information that generally providesinsight into the contents of the secondary storage devices 108.

Media agents 144 can comprise separate nodes in the informationmanagement system 100 (e.g., nodes that are separate from the clientcomputing devices 102, storage manager 140, and/or secondary storagedevices 108). In general, a node within the information managementsystem 100 can be a logically and/or physically separate component, andin some cases is a component that is individually addressable orotherwise identifiable. In addition, each media agent 144 may operate ona dedicated secondary storage computing device 106 in some cases, whilein other embodiments a plurality of media agents 144 operate on the samesecondary storage computing device 106.

A media agent 144 (and corresponding media agent database 152) may beconsidered to be “associated with” a particular secondary storage device108 if that media agent 144 is capable of one or more of: routing and/orstoring data to the particular secondary storage device 108,coordinating the routing and/or storing of data to the particularsecondary storage device 108, retrieving data from the particularsecondary storage device 108, coordinating the retrieval of data from aparticular secondary storage device 108, and modifying and/or deletingdata retrieved from the particular secondary storage device 108.

While media agent(s) 144 are generally associated with one or moresecondary storage devices 108, one or more media agents 144 in certainembodiments are physically separate from the secondary storage devices108. For instance, the media agents 144 may operate on secondary storagecomputing devices 106 having different housings or packages than thesecondary storage devices 108. In one example, a media agent 144operates on a first server computer and is in communication with asecondary storage device(s) 108 operating in a separate, rack-mountedRAID-based system.

Where the information management system 100 includes multiple mediaagents 144 (see, e.g., FIG. 1D), a first media agent 144 may providefailover functionality for a second, failed media agent 144. Inaddition, media agents 144 can be dynamically selected for storageoperations to provide load balancing. Failover and load balancing aredescribed in greater detail below.

In operation, a media agent 144 associated with a particular secondarystorage device 108 may instruct the secondary storage device 108 toperform an information management operation. For instance, a media agent144 may instruct a tape library to use a robotic arm or other retrievalmeans to load or eject a certain storage media, and to subsequentlyarchive, migrate, or retrieve data to or from that media, e.g., for thepurpose of restoring the data to a client computing device 102. Asanother example, a secondary storage device 108 may include an array ofhard disk drives or solid state drives organized in a RAIDconfiguration, and the media agent 144 may forward a logical unit number(LUN) and other appropriate information to the array, which uses thereceived information to execute the desired storage operation. The mediaagent 144 may communicate with a secondary storage device 108 via asuitable communications link, such as a SCSI or Fiber Channel link.

As shown, each media agent 144 may maintain an associated media agentdatabase 152. The media agent database 152 may be stored in a disk orother storage device (not shown) that is local to the secondary storagecomputing device 106 on which the media agent 144 operates. In othercases, the media agent database 152 is stored remotely from thesecondary storage computing device 106.

The media agent database 152 can include, among other things, an index153 (see, e.g., FIG. 1C), which comprises information generated duringsecondary copy operations and other storage or information managementoperations. The index 153 provides a media agent 144 or other componentwith a fast and efficient mechanism for locating secondary copies 116 orother data stored in the secondary storage devices 108. In some cases,the index 153 does not form a part of and is instead separate from themedia agent database 152.

A media agent index 153 or other data structure associated with theparticular media agent 144 may include information about the storeddata. For instance, for each secondary copy 116, the index 153 mayinclude metadata such as a list of the data objects (e.g.,files/subdirectories, database objects, mailbox objects, etc.), a pathto the secondary copy 116 on the corresponding secondary storage device108, location information indicating where the data objects are storedin the secondary storage device 108, when the data objects were createdor modified, etc. Thus, the index 153 includes metadata associated withthe secondary copies 116 that is readily available for use withouthaving to be first retrieved from the secondary storage device 108. Inyet further embodiments, some or all of the information in index 153 mayinstead or additionally be stored along with the secondary copies ofdata in a secondary storage device 108. In some embodiments, thesecondary storage devices 108 can include sufficient information toperform a “bare metal restore”, where the operating system of a failedclient computing device 102 or other restore target is automaticallyrebuilt as part of a restore operation.

Because the index 153 maintained in the media agent database 152 mayoperate as a cache, it can also be referred to as “an index cache.” Insuch cases, information stored in the index cache 153 typicallycomprises data that reflects certain particulars about storageoperations that have occurred relatively recently. After some triggeringevent, such as after a certain period of time elapses, or the indexcache 153 reaches a particular size, the index cache 153 may be copiedor migrated to a secondary storage device(s) 108. This information mayneed to be retrieved and uploaded back into the index cache 153 orotherwise restored to a media agent 144 to facilitate retrieval of datafrom the secondary storage device(s) 108. In some embodiments, thecached information may include format or containerization informationrelated to archives or other files stored on the storage device(s) 108.In this manner, the index cache 153 allows for accelerated restores.

In some alternative embodiments the media agent 144 generally acts as acoordinator or facilitator of storage operations between clientcomputing devices 102 and corresponding secondary storage devices 108,but does not actually write the data to the secondary storage device108. For instance, the storage manager 140 (or the media agent 144) mayinstruct a client computing device 102 and secondary storage device 108to communicate with one another directly. In such a case the clientcomputing device 102 transmits the data directly or via one or moreintermediary components to the secondary storage device 108 according tothe received instructions, and vice versa. In some such cases, the mediaagent 144 may still receive, process, and/or maintain metadata relatedto the storage operations. Moreover, in these embodiments, the payloaddata can flow through the media agent 144 for the purposes of populatingthe index cache 153 maintained in the media agent database 152, but notfor writing to the secondary storage device 108.

The media agent 144 and/or other components such as the storage manager140 may in some cases incorporate additional functionality, such as dataclassification, content indexing, deduplication, encryption,compression, and the like. Further details regarding these and otherfunctions are described below.

Distributed, Scalable Architecture

As described, certain functions of the information management system 100can be distributed amongst various physical and/or logical components inthe system. For instance, one or more of the storage manager 140, dataagents 142, and media agents 144 may operate on computing devices thatare physically separate from one another. This architecture can providea number of benefits.

For instance, hardware and software design choices for each distributedcomponent can be targeted to suit its particular function. The secondarycomputing devices 106 on which the media agents 144 operate can betailored for interaction with associated secondary storage devices 108and provide fast index cache operation, among other specific tasks.Similarly, the client computing device(s) 102 can be selected toeffectively service the applications 110 thereon, in order toefficiently produce and store primary data 112.

Moreover, in some cases, one or more of the individual components in theinformation management system 100 can be distributed to multiple,separate computing devices. As one example, for large file systems wherethe amount of data stored in the management database 146 is relativelylarge, the database 146 may be migrated to or otherwise reside on aspecialized database server (e.g., an SQL server) separate from a serverthat implements the other functions of the storage manager 140. Thisdistributed configuration can provide added protection because thedatabase 146 can be protected with standard database utilities (e.g.,SQL log shipping or database replication) independent from otherfunctions of the storage manager 140. The database 146 can beefficiently replicated to a remote site for use in the event of adisaster or other data loss at the primary site. Or the database 146 canbe replicated to another computing device within the same site, such asto a higher performance machine in the event that a storage manager hostdevice can no longer service the needs of a growing informationmanagement system 100.

The distributed architecture also provides both scalability andefficient component utilization. FIG. 1D shows an embodiment of theinformation management system 100 including a plurality of clientcomputing devices 102 and associated data agents 142 as well as aplurality of secondary storage computing devices 106 and associatedmedia agents 144.

Additional components can be added or subtracted based on the evolvingneeds of the information management system 100. For instance, dependingon where bottlenecks are identified, administrators can add additionalclient computing devices 102, secondary storage computing devices 106(and corresponding media agents 144), and/or secondary storage devices108. Moreover, where multiple fungible components are available, loadbalancing can be implemented to dynamically address identifiedbottlenecks. As an example, the storage manager 140 may dynamicallyselect which media agents 144 and/or secondary storage devices 108 touse for storage operations based on a processing load analysis of themedia agents 144 and/or secondary storage devices 108, respectively.

Moreover, each client computing device 102 in some embodiments cancommunicate with, among other components, any of the media agents 144,e.g., as directed by the storage manager 140. And each media agent 144may be able to communicate with, among other components, any of thesecondary storage devices 108, e.g., as directed by the storage manager140. Thus, operations can be routed to the secondary storage devices 108in a dynamic and highly flexible manner, to provide load balancing,failover, and the like. Further examples of scalable systems capable ofdynamic storage operations, and of systems capable of performing loadbalancing and fail over are provided in U.S. Pat. No. 7,246,207, whichis incorporated by reference herein.

In alternative configurations, certain components are not distributedand may instead reside and execute on the same computing device. Forexample, in some embodiments, one or more data agents 142 and thestorage manager 140 operate on the same client computing device 102. Inanother embodiment, one or more data agents 142 and one or more mediaagents 144 operate on a single computing device.

Exemplary Types of Information Management Operations

In order to protect and leverage stored data, the information managementsystem 100 can be configured to perform a variety of informationmanagement operations. As will be described, these operations cangenerally include secondary copy and other data movement operations,processing and data manipulation operations, analysis, reporting, andmanagement operations. The operations described herein may be performedon any type of computing device, e.g., between two computers connectedvia a LAN, to a mobile client telecommunications device connected to aserver via a WLAN, to any manner of client computing device coupled to acloud storage target, etc., without limitation.

Data Movement Operations

Data movement operations according to certain embodiments are generallyoperations that involve the copying or migration of data (e.g., payloaddata) between different locations in the information management system100 in an original/native and/or one or more different formats. Forexample, data movement operations can include operations in which storeddata is copied, migrated, or otherwise transferred from one or morefirst storage devices to one or more second storage devices, such asfrom primary storage device(s) 104 to secondary storage device(s) 108,from secondary storage device(s) 108 to different secondary storagedevice(s) 108, from secondary storage devices 108 to primary storagedevices 104, or from primary storage device(s) 104 to different primarystorage device(s) 104.

Data movement operations can include by way of example, backupoperations, archive operations, information lifecycle managementoperations such as hierarchical storage management operations,replication operations (e.g., continuous data replication operations),snapshot operations, deduplication or single-instancing operations,auxiliary copy operations, and the like. As will be discussed, some ofthese operations involve the copying, migration or other movement ofdata, without actually creating multiple, distinct copies. Nonetheless,some or all of these operations are referred to as “copy” operations forsimplicity.

Backup Operations

A backup operation creates a copy of a version of data (e.g., one ormore files or other data units) in primary data 112 at a particularpoint in time. Each subsequent backup copy may be maintainedindependently of the first. Further, a backup copy in some embodimentsis generally stored in a form that is different than the native format,e.g., a backup format. This can be in contrast to the version in primarydata 112 from which the backup copy is derived, and which may instead bestored in a native format of the source application(s) 110. In variouscases, backup copies can be stored in a format in which the data iscompressed, encrypted, deduplicated, and/or otherwise modified from theoriginal application format. For example, a backup copy may be stored ina backup format that facilitates compression and/or efficient long-termstorage.

Backup copies can have relatively long retention periods as compared toprimary data 112, and may be stored on media with slower retrieval timesthan primary data 112 and certain other types of secondary copies 116.On the other hand, backups may have relatively shorter retention periodsthan some other types of secondary copies 116, such as archive copies(described below). Backups may sometimes be stored at on offsitelocation.

Backup operations can include full backups, differential backups,incremental backups, “synthetic full” backups, and/or creating a“reference copy.” A full backup (or “standard full backup”) in someembodiments is generally a complete image of the data to be protected.However, because full backup copies can consume a relatively largeamount of storage, it can be useful to use a full backup copy as abaseline and only store changes relative to the full backup copy forsubsequent backup copies.

For instance, a differential backup operation (or cumulative incrementalbackup operation) tracks and stores changes that have occurred since thelast full backup. Differential backups can grow quickly in size, but canprovide relatively efficient restore times because a restore can becompleted in some cases using only the full backup copy and the latestdifferential copy.

An incremental backup operation generally tracks and stores changessince the most recent backup copy of any type, which can greatly reducestorage utilization. In some cases, however, restore times can berelatively long in comparison to full or differential backups becausecompleting a restore operation may involve accessing a full backup inaddition to multiple incremental backups.

Synthetic full backups generally consolidate data without directlybacking up data from the client computing device. A synthetic fullbackup is created from the most recent full backup (i.e., standard orsynthetic) and subsequent incremental and/or differential backups. Theresulting synthetic full backup is identical to what would have beencreated had the last backup for the subclient been a standard fullbackup. Unlike standard full, incremental, and differential backups, asynthetic full backup does not actually transfer data from a clientcomputer to the backup media, because it operates as a backupconsolidator. A synthetic full backup extracts the index data of eachparticipating subclient. Using this index data and the previously backedup user data images, it builds new full backup images, one for eachsubclient. The new backup images consolidate the index and user datastored in the related incremental, differential, and previous fullbackups, in some embodiments creating an archive file at the subclientlevel.

Any of the above types of backup operations can be at the volume-level,file-level, or block-level. Volume level backup operations generallyinvolve the copying of a data volume (e.g., a logical disk or partition)as a whole. In a file-level backup, the information management system100 may generally track changes to individual files, and includes copiesof files in the backup copy. In the case of a block-level backup, filesare broken into constituent blocks, and changes are tracked at theblock-level. Upon restore, the information management system 100reassembles the blocks into files in a transparent fashion.

Far less data may actually be transferred and copied to the secondarystorage devices 108 during a file-level copy than a volume-level copy.Likewise, a block-level copy may involve the transfer of less data thana file-level copy, resulting in faster execution times. However,restoring a relatively higher-granularity copy can result in longerrestore times. For instance, when restoring a block-level copy, theprocess of locating constituent blocks can sometimes result in longerrestore times as compared to file-level backups. Similar to backupoperations, the other types of secondary copy operations describedherein can also be implemented at either the volume-level, file-level,or block-level.

For example, in some embodiments, a reference copy may comprisecopy(ies) of selected objects from backed up data, typically to helporganize data by keeping contextual information from multiple sourcestogether, and/or help retain specific data for a longer period of time,such as for legal hold needs. A reference copy generally maintains dataintegrity, and when the data is restored, it may be viewed in the sameformat as the source data. In some embodiments, a reference copy isbased on a specialized client, individual subclient and associatedinformation management policies (e.g., storage policy, retention policy,etc.) that are administered within information management system 100.

Archive Operations

Because backup operations generally involve maintaining a version of thecopied data in primary data 112 and also maintaining backup copies insecondary storage device(s) 108, they can consume significant storagecapacity. To help reduce storage consumption, an archive operationaccording to certain embodiments creates a secondary copy 116 by bothcopying and removing source data. Or, seen another way, archiveoperations can involve moving some or all of the source data to thearchive destination. Thus, data satisfying criteria for removal (e.g.,data of a threshold age or size) may be removed from source storage. Thesource data may be primary data 112 or a secondary copy 116, dependingon the situation. As with backup copies, archive copies can be stored ina format in which the data is compressed, encrypted, deduplicated,and/or otherwise modified from the format of the original application orsource copy. In addition, archive copies may be retained for relativelylong periods of time (e.g., years) and, in some cases, are neverdeleted. Archive copies are generally retained for longer periods oftime than backup copies, for example. In certain embodiments, archivecopies may be made and kept for extended periods in order to meetcompliance regulations.

Moreover, when primary data 112 is archived, in some cases thecorresponding primary data 112 or a portion thereof is deleted whencreating the archive copy. Thus, archiving can serve the purpose offreeing up space in the primary storage device(s) 104 and easing thedemand on computational resources on client computing device 102.Similarly, when a secondary copy 116 is archived, the secondary copy 116may be deleted, and an archive copy can therefore serve the purpose offreeing up space in secondary storage device(s) 108. In contrast, sourcecopies often remain intact when creating backup copies. Examples ofcompatible data archiving operations are provided in U.S. Pat. No.7,107,298, which is incorporated by reference herein.

Snapshot Operations

Snapshot operations can provide a relatively lightweight, efficientmechanism for protecting data. From an end-user viewpoint, a snapshotmay be thought of as an “instant” image of the primary data 112 at agiven point in time, and may include state and/or status informationrelative to an application that creates/manages the primary data. In oneembodiment, a snapshot may generally capture the directory structure ofan object in primary data 112 such as a file or volume or other data setat a particular moment in time and may also preserve file attributes andcontents. A snapshot in some cases is created relatively quickly, e.g.,substantially instantly, using a minimum amount of file space, but maystill function as a conventional file system backup.

A “hardware snapshot” (or “hardware-based snapshot”) operation can be asnapshot operation where a target storage device (e.g., a primarystorage device 104 or a secondary storage device 108) performs thesnapshot operation in a self-contained fashion, substantiallyindependently, using hardware, firmware and/or software operating on thestorage device itself. For instance, the storage device may be capableof performing snapshot operations upon request, generally withoutintervention or oversight from any of the other components in theinformation management system 100. In this manner, hardware snapshotscan off-load other components of information management system 100 fromprocessing involved in snapshot creation and management.

A “software snapshot” (or “software-based snapshot”) operation, on theother hand, can be a snapshot operation in which one or more othercomponents in information management system 100 (e.g., client computingdevices 102, data agents 142, etc.) implement a software layer thatmanages the snapshot operation via interaction with the target storagedevice. For instance, the component executing the snapshot managementsoftware layer may derive a set of pointers and/or data that representsthe snapshot. The snapshot management software layer may then transmitthe same to the target storage device, along with appropriateinstructions for writing the snapshot.

Some types of snapshots do not actually create another physical copy ofall the data as it existed at the particular point in time, but maysimply create pointers that are able to map files and directories tospecific memory locations (e.g., to specific disk blocks) where the dataresides, as it existed at the particular point in time. For example, asnapshot copy may include a set of pointers derived from the file systemor from an application. In some other cases, the snapshot may be createdat the block-level, such that creation of the snapshot occurs withoutawareness of the file system. Each pointer points to a respective storeddata block, so that collectively, the set of pointers reflect thestorage location and state of the data object (e.g., file(s) orvolume(s) or data set(s)) at a particular point in time when thesnapshot copy was created.

An initial snapshot may use only a small amount of disk space needed torecord a mapping or other data structure representing or otherwisetracking the blocks that correspond to the current state of the filesystem. Additional disk space is usually required only when files anddirectories are modified later on. Furthermore, when files are modified,typically only the pointers which map to blocks are copied, not theblocks themselves. In some embodiments, for example in the case of“copy-on-write” snapshots, when a block changes in primary storage, theblock is copied to secondary storage or cached in primary storage beforethe block is overwritten in primary storage, and the pointer to thatblock changed to reflect the new location of that block. The snapshotmapping of file system data may also be updated to reflect the changedblock(s) at that particular point in time. In some other cases, asnapshot includes a full physical copy of all or substantially all ofthe data represented by the snapshot. Further examples of snapshotoperations are provided in U.S. Pat. No. 7,529,782, which isincorporated by reference herein.

A snapshot copy in many cases can be made quickly and withoutsignificantly impacting primary computing resources because largeamounts of data need not be copied or moved. In some embodiments, asnapshot may exist as a virtual file system, parallel to the actual filesystem. Users in some cases gain read-only access to the record of filesand directories of the snapshot. By electing to restore primary data 112from a snapshot taken at a given point in time, users may also returnthe current file system to the state of the file system that existedwhen the snapshot was taken.

Replication Operations

Another type of secondary copy operation is a replication operation.Some types of secondary copies 116 are used to periodically captureimages of primary data 112 at particular points in time (e.g., backups,archives, and snapshots). However, it can also be useful for recoverypurposes to protect primary data 112 in a more continuous fashion, byreplicating the primary data 112 substantially as changes occur. In somecases a replication copy can be a mirror copy, for instance, wherechanges made to primary data 112 are mirrored or substantiallyimmediately copied to another location (e.g., to secondary storagedevice(s) 108). By copying each write operation to the replication copy,two storage systems are kept synchronized or substantially synchronizedso that they are virtually identical at approximately the same time.Where entire disk volumes are mirrored, however, mirroring can requiresignificant amount of storage space and utilizes a large amount ofprocessing resources.

According to some embodiments storage operations are performed onreplicated data that represents a recoverable state, or “known goodstate” of a particular application running on the source system. Forinstance, in certain embodiments, known good replication copies may beviewed as copies of primary data 112. This feature allows the system todirectly access, copy, restore, backup or otherwise manipulate thereplication copies as if the data were the “live” primary data 112. Thiscan reduce access time, storage utilization, and impact on sourceapplications 110, among other benefits. Based on known good stateinformation, the information management system 100 can replicatesections of application data that represent a recoverable state ratherthan rote copying of blocks of data. Examples of compatible replicationoperations (e.g., continuous data replication) are provided in U.S. Pat.No. 7,617,262, which is incorporated by reference herein.

Deduplication/Single-Instancing Operations

Another type of data movement operation is deduplication orsingle-instance storage, which is useful to reduce the amount ofnon-primary data. For instance, some or all of the above-describedsecondary storage operations can involve deduplication in some fashion.New data is read, broken down into portions (e.g., sub-file levelblocks, files, etc.) of a selected granularity, compared with blocksthat are already in secondary storage, and only the new blocks arestored. Blocks that already exist are represented as pointers to thealready stored data.

In order to streamline the comparison process, the informationmanagement system 100 may calculate and/or store signatures (e.g.,hashes or cryptographically unique IDs) corresponding to the individualdata blocks in a database and compare the signatures instead ofcomparing entire data blocks. In some cases, only a single instance ofeach element is stored, and deduplication operations may therefore bereferred to interchangeably as “single-instancing” operations. Dependingon the implementation, however, deduplication or single-instancingoperations can store more than one instance of certain data blocks, butnonetheless significantly reduce data redundancy. Depending on theembodiment, deduplication blocks can be of fixed or variable length.Using variable length blocks can provide enhanced deduplication byresponding to changes in the data stream, but can involve complexprocessing. In some cases, the information management system 100utilizes a technique for dynamically aligning deduplication blocks(e.g., fixed-length blocks) based on changing content in the datastream, as described in U.S. Pat. No. 8,364,652, which is incorporatedby reference herein.

The information management system 100 can perform deduplication in avariety of manners at a variety of locations in the informationmanagement system 100. For instance, in some embodiments, theinformation management system 100 implements “target-side” deduplicationby deduplicating data (e.g., secondary copies 116) stored in thesecondary storage devices 108. In some such cases, the media agents 144are generally configured to manage the deduplication process. Forinstance, one or more of the media agents 144 maintain a correspondingdeduplication database that stores deduplication information (e.g.,datablock signatures). Examples of such a configuration are provided inU.S. Pat. Pub. No. 2012/0150826, which is incorporated by referenceherein. Instead of or in combination with “target-side” deduplication,deduplication can also be performed on the “source-side” (or“client-side”), e.g., to reduce the amount of traffic between the mediaagents 144 and the client computing device(s) 102 and/or reduceredundant data stored in the primary storage devices 104. According tovarious implementations, one or more of the storage devices of thetarget-side and/or source-side of an operation can be cloud-basedstorage devices. Thus, the target-side and/or source-side deduplicationcan be cloud-based deduplication. In particular, as discussedpreviously, the storage manager 140 may communicate with othercomponents within the information management system 100 via networkprotocols and cloud service provider APIs to facilitate cloud-baseddeduplication/single instancing. Examples of such deduplicationtechniques are provided in U.S. Pat. Pub. No. 2012/0150818, which isincorporated by reference herein. Some other compatiblededuplication/single instancing techniques are described in U.S. Pat.Pub. Nos. 2006/0224846 and 2009/0319534, which are incorporated byreference herein.

Information Lifecycle Management and Hierarchical Storage ManagementOperations

In some embodiments, files and other data over their lifetime move frommore expensive, quick access storage to less expensive, slower accessstorage. Operations associated with moving data through various tiers ofstorage are sometimes referred to as information lifecycle management(ILM) operations.

One type of ILM operation is a hierarchical storage management (HSM)operation. A HSM operation is generally an operation for automaticallymoving data between classes of storage devices, such as betweenhigh-cost and low-cost storage devices. For instance, an HSM operationmay involve movement of data from primary storage devices 104 tosecondary storage devices 108, or between tiers of secondary storagedevices 108. With each tier, the storage devices may be progressivelyrelatively cheaper, have relatively slower access/restore times, etc.For example, movement of data between tiers may occur as data becomesless important over time.

In some embodiments, an HSM operation is similar to an archive operationin that creating an HSM copy may (though not always) involve deletingsome of the source data, e.g., according to one or more criteria relatedto the source data. For example, an HSM copy may include data fromprimary data 112 or a secondary copy 116 that is larger than a givensize threshold or older than a given age threshold and that is stored ina backup format.

Often, and unlike some types of archive copies, HSM data that is removedor aged from the source is replaced by a logical reference pointer orstub. The reference pointer or stub can be stored in the primary storagedevice 104 (or other source storage device, such as a secondary storagedevice 108) to replace the deleted source data and to point to orotherwise indicate the new location in a secondary storage device 108.

According to one example, files are generally moved between higher andlower cost storage depending on how often the files are accessed. When auser requests access to the HSM data that has been removed or migrated,the information management system 100 uses the stub to locate the dataand may make recovery of the data appear transparent, even though theHSM data may be stored at a location different from other source data.In this manner, the data appears to the user (e.g., in file systembrowsing windows and the like) as if it still resides in the sourcelocation (e.g., in a primary storage device 104). The stub may alsoinclude some metadata associated with the corresponding data, so that afile system and/or application can provide some information about thedata object and/or a limited-functionality version (e.g., a preview) ofthe data object.

An HSM copy may be stored in a format other than the native applicationformat (e.g., where the data is compressed, encrypted, deduplicated,and/or otherwise modified from the original native application format).In some cases, copies which involve the removal of data from sourcestorage and the maintenance of stub or other logical referenceinformation on source storage may be referred to generally as “on-linearchive copies”. On the other hand, copies which involve the removal ofdata from source storage without the maintenance of stub or otherlogical reference information on source storage may be referred to as“off-line archive copies”. Examples of HSM and ILM techniques areprovided in U.S. Pat. No. 7,343,453, which is incorporated by referenceherein.

Auxiliary Copy and Disaster Recovery Operations

An auxiliary copy is generally a copy operation in which a copy iscreated of an existing secondary copy 116. For instance, an initialsecondary copy 116 may be generated using or otherwise be derived fromprimary data 112 (or other data residing in the secondary storagesubsystem 118), whereas an auxiliary copy is generated from the initialsecondary copy 116. Auxiliary copies can be used to create additionalstandby copies of data and may reside on different secondary storagedevices 108 than the initial secondary copies 116. Thus, auxiliarycopies can be used for recovery purposes if initial secondary copies 116become unavailable. Exemplary compatible auxiliary copy techniques aredescribed in further detail in U.S. Pat. No. 8,230,195, which isincorporated by reference herein.

The information management system 100 may also perform disaster recoveryoperations that make or retain disaster recovery copies, often assecondary, high-availability disk copies. The information managementsystem 100 may create secondary disk copies and store the copies atdisaster recovery locations using auxiliary copy or replicationoperations, such as continuous data replication technologies. Dependingon the particular data protection goals, disaster recovery locations canbe remote from the client computing devices 102 and primary storagedevices 104, remote from some or all of the secondary storage devices108, or both.

Data Analysis, Reporting, and Management Operations

Data analysis, reporting, and management operations can be differentthan data movement operations in that they do not necessarily involvethe copying, migration or other transfer of data (e.g., primary data 112or secondary copies 116) between different locations in the system. Forinstance, data analysis operations may involve processing (e.g., offlineprocessing) or modification of already stored primary data 112 and/orsecondary copies 116. However, in some embodiments data analysisoperations are performed in conjunction with data movement operations.Some data analysis operations include content indexing operations andclassification operations which can be useful in leveraging the dataunder management to provide enhanced search and other features. Otherdata analysis operations such as compression and encryption can providedata reduction and security benefits, respectively.

Classification Operations/Content Indexing

In some embodiments, the information management system 100 analyzes andindexes characteristics, content, and metadata associated with theprimary data 112 and/or secondary copies 116. The content indexing canbe used to identify files or other data objects having pre-definedcontent (e.g., user-defined keywords or phrases, other keywords/phrasesthat are not defined by a user, etc.), and/or metadata (e.g., emailmetadata such as “to”, “from”, “cc”, “bcc”, attachment name, receivedtime, etc.).

The information management system 100 generally organizes and cataloguesthe results in a content index, which may be stored within the mediaagent database 152, for example. The content index can also include thestorage locations of (or pointer references to) the indexed data in theprimary data 112 or secondary copies 116, as appropriate. The resultsmay also be stored, in the form of a content index database orotherwise, elsewhere in the information management system 100 (e.g., inthe primary storage devices 104, or in the secondary storage device108). Such index data provides the storage manager 140 or anothercomponent with an efficient mechanism for locating primary data 112and/or secondary copies 116 of data objects that match particularcriteria.

For instance, search criteria can be specified by a user through userinterface 158 of the storage manager 140. In some cases, the informationmanagement system 100 analyzes data and/or metadata in secondary copies116 to create an “off-line” content index, without significantlyimpacting the performance of the client computing devices 102. Dependingon the embodiment, the system can also implement “on-line” contentindexing, e.g., of primary data 112. Examples of compatible contentindexing techniques are provided in U.S. Pat. No. 8,170,995, which isincorporated by reference herein.

One or more components can be configured to scan data and/or associatedmetadata for classification purposes to populate a database (or otherdata structure) of information, which can be referred to as a “dataclassification database” or a “metabase”. Depending on the embodiment,the data classification database(s) can be organized in a variety ofdifferent ways, including centralization, logical sub-divisions, and/orphysical sub-divisions. For instance, one or more centralized dataclassification databases may be associated with different subsystems ortiers within the information management system 100. As an example, theremay be a first centralized metabase associated with the primary storagesubsystem 117 and a second centralized metabase associated with thesecondary storage subsystem 118. In other cases, there may be one ormore metabases associated with individual components, e.g., clientcomputing devices 102 and/or media agents 144. In some embodiments, adata classification database (metabase) may reside as one or more datastructures within management database 146, or may be otherwiseassociated with storage manager 140.

In some cases, the metabase(s) may be included in separate database(s)and/or on separate storage device(s) from primary data 112 and/orsecondary copies 116, such that operations related to the metabase donot significantly impact performance on other components in theinformation management system 100. In other cases, the metabase(s) maybe stored along with primary data 112 and/or secondary copies 116. Filesor other data objects can be associated with identifiers (e.g., tagentries, etc.) in the media agent 144 (or other indices) to facilitatesearches of stored data objects. Among a number of other benefits, themetabase can also allow efficient, automatic identification of files orother data objects to associate with secondary copy or other informationmanagement operations (e.g., in lieu of scanning an entire file system).Examples of compatible metabases and data classification operations areprovided in U.S. Pat. Nos. 8,229,954 and 7,747,579, which areincorporated by reference herein.

Encryption Operations

The information management system 100 in some cases is configured toprocess data (e.g., files or other data objects, secondary copies 116,etc.), according to an appropriate encryption algorithm (e.g., Blowfish,Advanced Encryption Standard [AES], Triple Data Encryption Standard[3-DES], etc.) to limit access and provide data security in theinformation management system 100. The information management system 100in some cases encrypts the data at the client level, such that theclient computing devices 102 (e.g., the data agents 142) encrypt thedata prior to forwarding the data to other components, e.g., beforesending the data to media agents 144 during a secondary copy operation.In such cases, the client computing device 102 may maintain or haveaccess to an encryption key or passphrase for decrypting the data uponrestore. Encryption can also occur when creating copies of secondarycopies, e.g., when creating auxiliary copies or archive copies. In yetfurther embodiments, the secondary storage devices 108 can implementbuilt-in, high performance hardware encryption.

Management and Reporting Operations

Certain embodiments leverage the integrated, ubiquitous nature of theinformation management system 100 to provide useful system-widemanagement and reporting functions. Examples of some compatiblemanagement and reporting techniques are provided in U.S. Pat. No.7,343,453, which is incorporated by reference herein.

Operations management can generally include monitoring and managing thehealth and performance of information management system 100 by, withoutlimitation, performing error tracking, generating granularstorage/performance metrics (e.g., job success/failure information,deduplication efficiency, etc.), generating storage modeling and costinginformation, and the like. As an example, a storage manager 140 or othercomponent in the information management system 100 may analyze trafficpatterns and suggest and/or automatically route data via a particularroute to minimize congestion. In some embodiments, the system cangenerate predictions relating to storage operations or storage operationinformation. Such predictions, which may be based on a trendinganalysis, may predict various network operations or resource usage, suchas network traffic levels, storage media use, use of bandwidth ofcommunication links, use of media agent components, etc. Furtherexamples of traffic analysis, trend analysis, prediction generation, andthe like are described in U.S. Pat. No. 7,343,453, which is incorporatedby reference herein.

In some configurations, a master storage manager 140 may track thestatus of storage operation cells in a hierarchy, such as the status ofjobs, system components, system resources, and other items, bycommunicating with storage managers 140 (or other components) in therespective storage operation cells. Moreover, the master storage manager140 may track the status of its associated storage operation cells andinformation management operations by receiving periodic status updatesfrom the storage managers 140 (or other components) in the respectivecells regarding jobs, system components, system resources, and otheritems. In some embodiments, a master storage manager 140 may storestatus information and other information regarding its associatedstorage operation cells and other system information in its index 150(or other location).

The master storage manager 140 or other component may also determinewhether certain storage-related criteria or other criteria aresatisfied, and perform an action or trigger event (e.g., data migration)in response to the criteria being satisfied, such as where a storagethreshold is met for a particular volume, or where inadequate protectionexists for certain data. For instance, in some embodiments, data fromone or more storage operation cells is used to dynamically andautomatically mitigate recognized risks, and/or to advise users of risksor suggest actions to mitigate these risks. For example, an informationmanagement policy may specify certain requirements (e.g., that a storagedevice should maintain a certain amount of free space, that secondarycopies should occur at a particular interval, that data should be agedand migrated to other storage after a particular period, that data on asecondary volume should always have a certain level of availability andbe restorable within a given time period, that data on a secondaryvolume may be mirrored or otherwise migrated to a specified number ofother volumes, etc.). If a risk condition or other criterion istriggered, the system may notify the user of these conditions and maysuggest (or automatically implement) an action to mitigate or otherwiseaddress the risk. For example, the system may indicate that data from aprimary copy 112 should be migrated to a secondary storage device 108 tofree space on the primary storage device 104. Examples of the use ofrisk factors and other triggering criteria are described in U.S. Pat.No. 7,343,453, which is incorporated by reference herein.

In some embodiments, the system 100 may also determine whether a metricor other indication satisfies particular storage criteria and, if so,perform an action. For example, as previously described, a storagepolicy or other definition might indicate that a storage manager 140should initiate a particular action if a storage metric or otherindication drops below or otherwise fails to satisfy specified criteriasuch as a threshold of data protection. Examples of such metrics aredescribed in U.S. Pat. No. 7,343,453, which is incorporated by referenceherein.

In some embodiments, risk factors may be quantified into certainmeasurable service or risk levels for ease of comprehension. Forexample, certain applications and associated data may be considered tobe more important by an enterprise than other data and services.Financial compliance data, for example, may be of greater importancethan marketing materials, etc. Network administrators may assignpriority values or “weights” to certain data and/or applications,corresponding to the relative importance. The level of compliance ofstorage operations specified for these applications may also be assigneda certain value. Thus, the health, impact, and overall importance of aservice may be determined, such as by measuring the compliance value andcalculating the product of the priority value and the compliance valueto determine the “service level” and comparing it to certain operationalthresholds to determine whether it is acceptable. Further examples ofthe service level determination are provided in U.S. Pat. No. 7,343,453,which is incorporated by reference herein.

The system 100 may additionally calculate data costing and dataavailability associated with information management operation cellsaccording to an embodiment of the invention. For instance, data receivedfrom the cell may be used in conjunction with hardware-relatedinformation and other information about system elements to determine thecost of storage and/or the availability of particular data in thesystem. Exemplary information generated could include how fast aparticular department is using up available storage space, how long datawould take to recover over a particular system pathway from a particularsecondary storage device, costs over time, etc. Moreover, in someembodiments, such information may be used to determine or predict theoverall cost associated with the storage of certain information. Thecost associated with hosting a certain application may be based, atleast in part, on the type of media on which the data resides, forexample. Storage devices may be assigned to a particular costcategories, for example. Further examples of costing techniques aredescribed in U.S. Pat. No. 7,343,453, which is incorporated by referenceherein.

Any of the above types of information (e.g., information related totrending, predictions, job, cell or component status, risk, servicelevel, costing, etc.) can generally be provided to users via the userinterface 158 in a single, integrated view or console (not shown). Theconsole may support a reporting capability that allows for thegeneration of a variety of reports, which may be tailored to aparticular aspect of information management. Report types may include:scheduling, event management, media management and data aging. Availablereports may also include backup history, data aging history, auxiliarycopy history, job history, library and drive, media in library, restorehistory, and storage policy, etc., without limitation. Such reports maybe specified and created at a certain point in time as a systemanalysis, forecasting, or provisioning tool. Integrated reports may alsobe generated that illustrate storage and performance metrics, risks andstorage costing information. Moreover, users may create their ownreports based on specific needs.

The integrated user interface 158 can include an option to show a“virtual view” of the system that graphically depicts the variouscomponents in the system using appropriate icons. As one example, theuser interface 158 may provide a graphical depiction of one or moreprimary storage devices 104, the secondary storage devices 108, dataagents 142 and/or media agents 144, and their relationship to oneanother in the information management system 100. The operationsmanagement functionality can facilitate planning and decision-making.For example, in some embodiments, a user may view the status of some orall jobs as well as the status of each component of the informationmanagement system 100. Users may then plan and make decisions based onthis data. For instance, a user may view high-level informationregarding storage operations for the information management system 100,such as job status, component status, resource status (e.g.,communication pathways, etc.), and other information. The user may alsodrill down or use other means to obtain more detailed informationregarding a particular component, job, or the like. Further examples ofsome reporting techniques and associated interfaces providing anintegrated view of an information management system are provided in U.S.Pat. No. 7,343,453, which is incorporated by reference herein.

The information management system 100 can also be configured to performsystem-wide e-discovery operations in some embodiments. In general,e-discovery operations provide a unified collection and searchcapability for data in the system, such as data stored in the secondarystorage devices 108 (e.g., backups, archives, or other secondary copies116). For example, the information management system 100 may constructand maintain a virtual repository for data stored in the informationmanagement system 100 that is integrated across source applications 110,different storage device types, etc. According to some embodiments,e-discovery utilizes other techniques described herein, such as dataclassification and/or content indexing.

Information Management Policies

As indicated previously, an information management policy 148 caninclude a data structure or other information source that specifies aset of parameters (e.g., criteria and rules) associated with secondarycopy and/or other information management operations.

One type of information management policy 148 is a storage policy.According to certain embodiments, a storage policy generally comprises adata structure or other information source that defines (or includesinformation sufficient to determine) a set of preferences or othercriteria for performing information management operations. Storagepolicies can include one or more of the following items: (1) what datawill be associated with the storage policy; (2) a destination to whichthe data will be stored; (3) datapath information specifying how thedata will be communicated to the destination; (4) the type of storageoperation to be performed; and (5) retention information specifying howlong the data will be retained at the destination (see, e.g., FIG. 1E).

As an illustrative example, data associated with a storage policy can belogically organized into groups. In some cases, these logical groupingscan be referred to as “sub-clients”. A sub-client may represent staticor dynamic associations of portions of a data volume. Sub-clients mayrepresent mutually exclusive portions. Thus, in certain embodiments, aportion of data may be given a label and the association is stored as astatic entity in an index, database or other storage location.Sub-clients may also be used as an effective administrative scheme oforganizing data according to data type, department within theenterprise, storage preferences, or the like. Depending on theconfiguration, sub-clients can correspond to files, folders, virtualmachines, databases, etc. In one exemplary scenario, an administratormay find it preferable to separate e-mail data from financial data usingtwo different sub-clients.

A storage policy can define where data is stored by specifying a targetor destination storage device (or group of storage devices). Forinstance, where the secondary storage device 108 includes a group ofdisk libraries, the storage policy may specify a particular disk libraryfor storing the sub-clients associated with the policy. As anotherexample, where the secondary storage devices 108 include one or moretape libraries, the storage policy may specify a particular tape libraryfor storing the sub-clients associated with the storage policy, and mayalso specify a drive pool and a tape pool defining a group of tapedrives and a group of tapes, respectively, for use in storing thesub-client data. While information in the storage policy can bestatically assigned in some cases, some or all of the information in thestorage policy can also be dynamically determined based on criteria,which can be set forth in the storage policy. For instance, based onsuch criteria, a particular destination storage device(s) (or otherparameter of the storage policy) may be determined based oncharacteristics associated with the data involved in a particularstorage operation, device availability (e.g., availability of asecondary storage device 108 or a media agent 144), network status andconditions (e.g., identified bottlenecks), user credentials, and thelike).

Datapath information can also be included in the storage policy. Forinstance, the storage policy may specify network pathways and componentsto utilize when moving the data to the destination storage device(s). Insome embodiments, the storage policy specifies one or more media agents144 for conveying data associated with the storage policy between thesource (e.g., one or more host client computing devices 102) anddestination (e.g., a particular target secondary storage device 108).

A storage policy can also specify the type(s) of operations associatedwith the storage policy, such as a backup, archive, snapshot, auxiliarycopy, or the like. Retention information can specify how long the datawill be kept, depending on organizational needs (e.g., a number of days,months, years, etc.)

Another type of information management policy 148 is a schedulingpolicy, which specifies when and how often to perform operations.Scheduling parameters may specify with what frequency (e.g., hourly,weekly, daily, event-based, etc.) or under what triggering conditionssecondary copy or other information management operations will takeplace. Scheduling policies in some cases are associated with particularcomponents, such as particular logical groupings of data associated witha storage policy (e.g., a sub-client), client computing device 102, andthe like. In one configuration, a separate scheduling policy ismaintained for particular logical groupings of data on a clientcomputing device 102. The scheduling policy specifies that those logicalgroupings are to be moved to secondary storage devices 108 every houraccording to storage policies associated with the respectivesub-clients.

When adding a new client computing device 102, administrators canmanually configure information management policies 148 and/or othersettings, e.g., via the user interface 158. However, this can be aninvolved process resulting in delays, and it may be desirable to begindata protection operations quickly, without awaiting human intervention.Thus, in some embodiments, the information management system 100automatically applies a default configuration to client computing device102. As one example, when one or more data agent(s) 142 are installed onone or more client computing devices 102, the installation script mayregister the client computing device 102 with the storage manager 140,which in turn applies the default configuration to the new clientcomputing device 102. In this manner, data protection operations canbegin substantially immediately. The default configuration can include adefault storage policy, for example, and can specify any appropriateinformation sufficient to begin data protection operations. This caninclude a type of data protection operation, scheduling information, atarget secondary storage device 108, data path information (e.g., aparticular media agent 144), and the like.

Other types of information management policies 148 are possible,including one or more audit (or security) policies. An audit policy is aset of preferences, rules and/or criteria that protect sensitive data inthe information management system 100. For example, an audit policy maydefine “sensitive objects” as files or objects that contain particularkeywords (e.g., “confidential,” or “privileged”) and/or are associatedwith particular keywords (e.g., in metadata) or particular flags (e.g.,in metadata identifying a document or email as personal, confidential,etc.). An audit policy may further specify rules for handling sensitiveobjects. As an example, an audit policy may require that a reviewerapprove the transfer of any sensitive objects to a cloud storage site,and that if approval is denied for a particular sensitive object, thesensitive object should be transferred to a local primary storage device104 instead. To facilitate this approval, the audit policy may furtherspecify how a secondary storage computing device 106 or other systemcomponent should notify a reviewer that a sensitive object is slated fortransfer.

Another type of information management policy 148 is a provisioningpolicy. A provisioning policy can include a set of preferences,priorities, rules, and/or criteria that specify how client computingdevices 102 (or groups thereof) may utilize system resources, such asavailable storage on cloud storage and/or network bandwidth. Aprovisioning policy specifies, for example, data quotas for particularclient computing devices 102 (e.g., a number of gigabytes that can bestored monthly, quarterly or annually). The storage manager 140 or othercomponents may enforce the provisioning policy. For instance, the mediaagents 144 may enforce the policy when transferring data to secondarystorage devices 108. If a client computing device 102 exceeds a quota, abudget for the client computing device 102 (or associated department) isadjusted accordingly or an alert may trigger.

While the above types of information management policies 148 have beendescribed as separate policies, one or more of these can be generallycombined into a single information management policy 148. For instance,a storage policy may also include or otherwise be associated with one ormore scheduling, audit, or provisioning policies or operationalparameters thereof. Moreover, while storage policies are typicallyassociated with moving and storing data, other policies may beassociated with other types of information management operations. Thefollowing is a non-exhaustive list of items the information managementpolicies 148 may specify:

-   -   schedules or other timing information, e.g., specifying when        and/or how often to perform information management operations;    -   the type of copy 116 (e.g., type of secondary copy) and/or copy        format (e.g., snapshot, backup, archive, HSM, etc.);    -   a location or a class or quality of storage for storing        secondary copies 116 (e.g., one or more particular secondary        storage devices 108);    -   preferences regarding whether and how to encrypt, compress,        deduplicate, or otherwise modify or transform secondary copies        116;    -   which system components and/or network pathways (e.g., preferred        media agents 144) should be used to perform secondary storage        operations;    -   resource allocation among different computing devices or other        system components used in performing information management        operations (e.g., bandwidth allocation, available storage        capacity, etc.);    -   whether and how to synchronize or otherwise distribute files or        other data objects across multiple computing devices or hosted        services; and    -   retention information specifying the length of time primary data        112 and/or secondary copies 116 should be retained, e.g., in a        particular class or tier of storage devices, or within the        information management system 100.

Policies can additionally specify or depend on a variety of historicalor current criteria that may be used to determine which rules to applyto a particular data object, system component, or information managementoperation, such as:

-   -   frequency with which primary data 112 or a secondary copy 116 of        a data object or metadata has been or is predicted to be used,        accessed, or modified;    -   time-related factors (e.g., aging information such as time since        the creation or modification of a data object);    -   deduplication information (e.g., hashes, data blocks,        deduplication block size, deduplication efficiency or other        metrics);    -   an estimated or historic usage or cost associated with different        components (e.g., with secondary storage devices 108);    -   the identity of users, applications 110, client computing        devices 102 and/or other computing devices that created,        accessed, modified, or otherwise utilized primary data 112 or        secondary copies 116;    -   a relative sensitivity (e.g., confidentiality, importance) of a        data object, e.g., as determined by its content and/or metadata;    -   the current or historical storage capacity of various storage        devices;    -   the current or historical network capacity of network pathways        connecting various components within the storage operation cell;    -   access control lists or other security information; and    -   the content of a particular data object (e.g., its textual        content) or of metadata associated with the data object.        Exemplary Storage Policy and Secondary Storage Operations

FIG. 1E includes a data flow diagram depicting performance of storageoperations by an embodiment of an information management system 100,according to an exemplary storage policy 148A. The informationmanagement system 100 includes a storage manger 140, a client computingdevice 102 having a file system data agent 142A and an email data agent142B operating thereon, a primary storage device 104, two media agents144A, 144B, and two secondary storage devices 108A, 108B: a disk library108A and a tape library 108B. As shown, the primary storage device 104includes primary data 112A, which is associated with a logical groupingof data associated with a file system, and primary data 112B, which isassociated with a logical grouping of data associated with email.Although for simplicity the logical grouping of data associated with thefile system is referred to as a file system sub-client, and the logicalgrouping of data associated with the email is referred to as an emailsub-client, the techniques described with respect to FIG. 1E can beutilized in conjunction with data that is organized in a variety ofother manners.

As indicated by the dashed box, the second media agent 144B and the tapelibrary 108B are “off-site”, and may therefore be remotely located fromthe other components in the information management system 100 (e.g., ina different city, office building, etc.). Indeed, “off-site” may referto a magnetic tape located in storage, which must be manually retrievedand loaded into a tape drive to be read. In this manner, informationstored on the tape library 108B may provide protection in the event of adisaster or other failure.

The file system sub-client and its associated primary data 112A incertain embodiments generally comprise information generated by the filesystem and/or operating system of the client computing device 102, andcan include, for example, file system data (e.g., regular files, filetables, mount points, etc.), operating system data (e.g., registries,event logs, etc.), and the like. The e-mail sub-client, on the otherhand, and its associated primary data 112B, include data generated by ane-mail application operating on the client computing device 102, and caninclude mailbox information, folder information, emails, attachments,associated database information, and the like. As described above, thesub-clients can be logical containers, and the data included in thecorresponding primary data 112A, 112B may or may not be storedcontiguously.

The exemplary storage policy 148A includes backup copy preferences (orrule set) 160, disaster recovery copy preferences rule set 162, andcompliance copy preferences or rule set 164. The backup copy rule set160 specifies that it is associated with a file system sub-client 166and an email sub-client 168. Each of these sub-clients 166, 168 areassociated with the particular client computing device 102. The backupcopy rule set 160 further specifies that the backup operation will bewritten to the disk library 108A, and designates a particular mediaagent 144A to convey the data to the disk library 108A. Finally, thebackup copy rule set 160 specifies that backup copies created accordingto the rule set 160 are scheduled to be generated on an hourly basis andto be retained for 30 days. In some other embodiments, schedulinginformation is not included in the storage policy 148A, and is insteadspecified by a separate scheduling policy.

The disaster recovery copy rule set 162 is associated with the same twosub-clients 166, 168. However, the disaster recovery copy rule set 162is associated with the tape library 108B, unlike the backup copy ruleset 160. Moreover, the disaster recovery copy rule set 162 specifiesthat a different media agent, namely 144B, will be used to convey thedata to the tape library 108B. As indicated, disaster recovery copiescreated according to the rule set 162 will be retained for 60 days, andwill be generated on a daily basis. Disaster recovery copies generatedaccording to the disaster recovery copy rule set 162 can provideprotection in the event of a disaster or other catastrophic data lossthat would affect the backup copy 116A maintained on the disk library108A.

The compliance copy rule set 164 is only associated with the emailsub-client 168, and not the file system sub-client 166. Compliancecopies generated according to the compliance copy rule set 164 willtherefore not include primary data 112A from the file system sub-client166. For instance, the organization may be under an obligation to storeand maintain copies of email data for a particular period of time (e.g.,10 years) to comply with state or federal regulations, while similarregulations do not apply to the file system data. The compliance copyrule set 164 is associated with the same tape library 108B and mediaagent 144B as the disaster recovery copy rule set 162, although adifferent storage device or media agent could be used in otherembodiments. Finally, the compliance copy rule set 164 specifies thatcopies generated under the compliance copy rule set 164 will be retainedfor 10 years, and will be generated on a quarterly basis.

At step 1, the storage manager 140 initiates a backup operationaccording to the backup copy rule set 160. For instance, a schedulingservice running on the storage manager 140 accesses schedulinginformation from the backup copy rule set 160 or a separate schedulingpolicy associated with the client computing device 102, and initiates abackup copy operation on an hourly basis. Thus, at the scheduled timeslot the storage manager 140 sends instructions to the client computingdevice 102 (i.e., to both data agent 142A and data agent 142B) to beginthe backup operation.

At step 2, the file system data agent 142A and the email data agent 142Boperating on the client computing device 102 respond to the instructionsreceived from the storage manager 140 by accessing and processing theprimary data 112A, 112B involved in the copy operation, which can befound in primary storage device 104. Because the operation is a backupcopy operation, the data agent(s) 142A, 142B may format the data into abackup format or otherwise process the data.

At step 3, the client computing device 102 communicates the retrieved,processed data to the first media agent 144A, as directed by the storagemanager 140, according to the backup copy rule set 160. In some otherembodiments, the information management system 100 may implement aload-balancing, availability-based, or other appropriate algorithm toselect from the available set of media agents 144A, 144B. Regardless ofthe manner the media agent 144A is selected, the storage manager 140 mayfurther keep a record in the storage manager database 146 of theassociation between the selected media agent 144A and the clientcomputing device 102 and/or between the selected media agent 144A andthe backup copy 116A.

The target media agent 144A receives the data from the client computingdevice 102, and at step 4 conveys the data to the disk library 108A tocreate the backup copy 116A, again at the direction of the storagemanager 140 and according to the backup copy rule set 160. The secondarystorage device 108A can be selected in other ways. For instance, themedia agent 144A may have a dedicated association with a particularsecondary storage device(s), or the storage manager 140 or media agent144A may select from a plurality of secondary storage devices, e.g.,according to availability, using one of the techniques described in U.S.Pat. No. 7,246,207, which is incorporated by reference herein.

The media agent 144A can also update its index 153 to include dataand/or metadata related to the backup copy 116A, such as informationindicating where the backup copy 116A resides on the disk library 108A,data and metadata for cache retrieval, etc. The storage manager 140 maysimilarly update its index 150 to include information relating to thestorage operation, such as information relating to the type of storageoperation, a physical location associated with one or more copiescreated by the storage operation, the time the storage operation wasperformed, status information relating to the storage operation, thecomponents involved in the storage operation, and the like. In somecases, the storage manager 140 may update its index 150 to include someor all of the information stored in the index 153 of the media agent144A. After the 30 day retention period expires, the storage manager 140instructs the media agent 144A to delete the backup copy 116A from thedisk library 108A. Indexes 150 and/or 153 are updated accordingly.

At step 5, the storage manager 140 initiates the creation of a disasterrecovery copy 116B according to the disaster recovery copy rule set 162.

At step 6, illustratively based on the instructions received from thestorage manager 140 at step 5, the specified media agent 144B retrievesthe most recent backup copy 116A from the disk library 108A.

At step 7, again at the direction of the storage manager 140 and asspecified in the disaster recovery copy rule set 162, the media agent144B uses the retrieved data to create a disaster recovery copy 116B onthe tape library 108B. In some cases, the disaster recovery copy 116B isa direct, mirror copy of the backup copy 116A, and remains in the backupformat. In other embodiments, the disaster recovery copy 116B may begenerated in some other manner, such as by using the primary data 112A,112B from the primary storage device 104 as source data. The disasterrecovery copy operation is initiated once a day and the disasterrecovery copies 116B are deleted after 60 days; indexes are updatedaccordingly when/after each information management operation isexecuted/completed.

At step 8, the storage manager 140 initiates the creation of acompliance copy 116C, according to the compliance copy rule set 164. Forinstance, the storage manager 140 instructs the media agent 144B tocreate the compliance copy 116C on the tape library 108B at step 9, asspecified in the compliance copy rule set 164. In the example, thecompliance copy 116C is generated using the disaster recovery copy 116B.In other embodiments, the compliance copy 116C is instead generatedusing either the primary data 112B corresponding to the email sub-clientor using the backup copy 116A from the disk library 108A as source data.As specified, in the illustrated example, compliance copies 116C arecreated quarterly, and are deleted after ten years, and indexes are keptup-to-date accordingly.

While not shown in FIG. 1E, at some later point in time, a restoreoperation can be initiated involving one or more of the secondary copies116A, 116B, 116C. As one example, a user may manually initiate a restoreof the backup copy 116A by interacting with the user interface 158 ofthe storage manager 140. The storage manager 140 then accesses data inits index 150 (and/or the respective storage policy 148A) associatedwith the selected backup copy 116A to identify the appropriate mediaagent 144A and/or secondary storage device 108A.

In other cases, a media agent may be selected for use in the restoreoperation based on a load balancing algorithm, an availability basedalgorithm, or other criteria. The selected media agent 144A retrievesthe data from the disk library 108A. For instance, the media agent 144Amay access its index 153 to identify a location of the backup copy 116Aon the disk library 108A, or may access location information residing onthe disk 108A itself.

When the backup copy 116A was recently created or accessed, the mediaagent 144A accesses a cached version of the backup copy 116A residing inthe index 153, without having to access the disk library 108A for someor all of the data. Once it has retrieved the backup copy 116A, themedia agent 144A communicates the data to the source client computingdevice 102. Upon receipt, the file system data agent 142A and the emaildata agent 142B may unpackage (e.g., restore from a backup format to thenative application format) the data in the backup copy 116A and restorethe unpackaged data to the primary storage device 104.

Exemplary Applications of Storage Policies

The storage manager 140 may permit a user to specify aspects of thestorage policy 148A. For example, the storage policy can be modified toinclude information governance policies to define how data should bemanaged in order to comply with a certain regulation or businessobjective. The various policies may be stored, for example, in themanagement database 146. An information governance policy may comprise aclassification policy, which is described herein. An informationgovernance policy may align with one or more compliance tasks that areimposed by regulations or business requirements. Examples of informationgovernance policies might include a Sarbanes-Oxley policy, a HIPAApolicy, an electronic discovery (E-Discovery) policy, and so on.

Information governance policies allow administrators to obtain differentperspectives on all of an organization's online and offline data,without the need for a dedicated data silo created solely for eachdifferent viewpoint. As described previously, the data storage systemsherein build a centralized index that reflects the contents of adistributed data set that spans numerous clients and storage devices,including both primary and secondary copies, and online and offlinecopies. An organization may apply multiple information governancepolicies in a top-down manner over that unified data set and indexingschema in order to permit an organization to view and manipulate thesingle data set through different lenses, each of which is adapted to aparticular compliance or business goal. Thus, for example, by applyingan E-discovery policy and a Sarbanes-Oxley policy, two different groupsof users in an organization can conduct two very different analyses ofthe same underlying physical set of data copies, which may bedistributed throughout the organization and information managementsystem.

A classification policy defines a taxonomy of classification terms ortags relevant to a compliance task and/or business objective. Aclassification policy may also associate a defined tag with aclassification rule. A classification rule defines a particularcombination of criteria, such as users who have created, accessed ormodified a document or data object; file or application types; contentor metadata keywords; clients or storage locations; dates of datacreation and/or access; review status or other status within a workflow(e.g., reviewed or un-reviewed); modification times or types ofmodifications; and/or any other data attributes in any combination,without limitation. A classification rule may also be defined usingother classification tags in the taxonomy. The various criteria used todefine a classification rule may be combined in any suitable fashion,for example, via Boolean operators, to define a complex classificationrule. As an example, an E-discovery classification policy might define aclassification tag “privileged” that is associated with documents ordata objects that (1) were created or modified by legal departmentstaff, or (2) were sent to or received from outside counsel via email,or (3) contain one of the following keywords: “privileged” or “attorney”or “counsel”, or other like terms.

One specific type of classification tag, which may be added to an indexat the time of indexing, is an entity tag. An entity tag may be, forexample, any content that matches a defined data mask format. Examplesof entity tags might include, e.g., social security numbers (e.g., anynumerical content matching the formatting mask XXX-XX-XXXX), credit cardnumbers (e.g., content having a 13-16 digit string of numbers), SKUnumbers, product numbers, etc.

A user may define a classification policy by indicating criteria,parameters or descriptors of the policy via a graphical user interface,such as a form or page with fields to be filled in, pull-down menus orentries allowing one or more of several options to be selected, buttons,sliders, hypertext links or other known user interface tools forreceiving user input, etc. For example, a user may define certain entitytags, such as a particular product number or project ID code that isrelevant in the organization. In some implementations, theclassification policy can be implemented using cloud-based techniques.For example, the storage devices may be cloud storage devices, and thestorage manager 140 may execute cloud service provider API over anetwork to classify data stored on cloud storage devices.

Exemplary Secondary Copy Formatting

The formatting and structure of secondary copies 116 can vary, dependingon the embodiment. In some cases, secondary copies 116 are formatted asa series of logical data units or “chunks” (e.g., 512 MB, 1 GB, 2 GB, 4GB, or 8 GB chunks). This can facilitate efficient communication andwriting to secondary storage devices 108, e.g., according to resourceavailability. For example, a single secondary copy 116 may be written ona chunk-by-chunk basis to a single secondary storage device 108 oracross multiple secondary storage devices 108. In some cases, users canselect different chunk sizes, e.g., to improve throughput to tapestorage devices.

Generally, each chunk can include a header and a payload. The payloadcan include files (or other data units) or subsets thereof included inthe chunk, whereas the chunk header generally includes metadata relatingto the chunk, some or all of which may be derived from the payload. Forexample, during a secondary copy operation, the media agent 144, storagemanager 140, or other component may divide the associated files intochunks and generate headers for each chunk by processing the constituentfiles. The headers can include a variety of information such as fileidentifier(s), volume(s), offset(s), or other information associatedwith the payload data items, a chunk sequence number, etc. Importantly,in addition to being stored with the secondary copy 116 on the secondarystorage device 108, the chunk headers can also be stored to the index153 of the associated media agent(s) 144 and/or the index 150. This isuseful in some cases for providing faster processing of secondary copies116 during restores or other operations. In some cases, once a chunk issuccessfully transferred to a secondary storage device 108, thesecondary storage device 108 returns an indication of receipt, e.g., tothe media agent 144 and/or storage manager 140, which may update theirrespective indexes 153, 150 accordingly. During restore, chunks may beprocessed (e.g., by the media agent 144) according to the information inthe chunk header to reassemble the files.

Data can also be communicated within the information management system100 in data channels that connect the client computing devices 102 tothe secondary storage devices 108. These data channels can be referredto as “data streams”, and multiple data streams can be employed toparallelize an information management operation, improving data transferrate, among providing other advantages. Example data formattingtechniques including techniques involving data streaming, chunking, andthe use of other data structures in creating copies (e.g., secondarycopies) are described in U.S. Pat. Nos. 7,315,923 and 8,156,086, and8,578,120, each of which is incorporated by reference herein.

FIGS. 1F and 1G are diagrams of example data streams 170 and 171,respectively, which may be employed for performing data storageoperations. Referring to FIG. 1F, the data agent 142 forms the datastream 170 from the data associated with a client computing device 102(e.g., primary data 112). The data stream 170 is composed of multiplepairs of stream header 172 and stream data (or stream payload) 174. Thedata streams 170 and 171 shown in the illustrated example are for asingle-instanced storage operation, and a stream payload 174 thereforemay include both single-instance (“SI”) data and/or non-SI data. Astream header 172 includes metadata about the stream payload 174. Thismetadata may include, for example, a length of the stream payload 174,an indication of whether the stream payload 174 is encrypted, anindication of whether the stream payload 174 is compressed, an archivefile identifier (ID), an indication of whether the stream payload 174 issingle instanceable, and an indication of whether the stream payload 174is a start of a block of data.

Referring to FIG. 1G, the data stream 171 has the stream header 172 andstream payload 174 aligned into multiple data blocks. In this example,the data blocks are of size 64 KB. The first two stream header 172 andstream payload 174 pairs comprise a first data block of size 64 KB. Thefirst stream header 172 indicates that the length of the succeedingstream payload 174 is 63 KB and that it is the start of a data block.The next stream header 172 indicates that the succeeding stream payload174 has a length of 1 KB and that it is not the start of a new datablock. Immediately following stream payload 174 is a pair comprising anidentifier header 176 and identifier data 178. The identifier header 176includes an indication that the succeeding identifier data 178 includesthe identifier for the immediately previous data block. The identifierdata 178 includes the identifier that the data agent 142 generated forthe data block. The data stream 171 also includes other stream header172 and stream payload 174 pairs, which may be for SI data and/or fornon-SI data.

FIG. 1H is a diagram illustrating the data structures 180 that may beused to store blocks of SI data and non-SI data on the storage device(e.g., secondary storage device 108). According to certain embodiments,the data structures 180 do not form part of a native file system of thestorage device. The data structures 180 include one or more volumefolders 182, one or more chunk folders 184/185 within the volume folder182, and multiple files within the chunk folder 184. Each chunk folder184/185 includes a metadata file 186/187, a metadata index file 188/189,one or more container files 190/191/193, and a container index file192/194. The metadata file 186/187 stores non-SI data blocks as well aslinks to SI data blocks stored in container files. The metadata indexfile 188/189 stores an index to the data in the metadata file 186/187.The container files 190/191/193 store SI data blocks. The containerindex file 192/194 stores an index to the container files 190/191/193.Among other things, the container index file 192/194 stores anindication of whether a corresponding block in a container file190/191/193 is referred to by a link in a metadata file 186/187. Forexample, data block B2 in the container file 190 is referred to by alink in the metadata file 187 in the chunk folder 185. Accordingly, thecorresponding index entry in the container index file 192 indicates thatthe data block B2 in the container file 190 is referred to. As anotherexample, data block B1 in the container file 191 is referred to by alink in the metadata file 187, and so the corresponding index entry inthe container index file 192 indicates that this data block is referredto.

As an example, the data structures 180 illustrated in FIG. 1H may havebeen created as a result of two storage operations involving two clientcomputing devices 102. For example, a first storage operation on a firstclient computing device 102 could result in the creation of the firstchunk folder 184, and a second storage operation on a second clientcomputing device 102 could result in the creation of the second chunkfolder 185. The container files 190/191 in the first chunk folder 184would contain the blocks of SI data of the first client computing device102. If the two client computing devices 102 have substantially similardata, the second storage operation on the data of the second clientcomputing device 102 would result in the media agent 144 storingprimarily links to the data blocks of the first client computing device102 that are already stored in the container files 190/191. Accordingly,while a first storage operation may result in storing nearly all of thedata subject to the storage operation, subsequent storage operationsinvolving similar data may result in substantial data storage spacesavings, because links to already stored data blocks can be storedinstead of additional instances of data blocks.

If the operating system of the secondary storage computing device 106 onwhich the media agent 144 operates supports sparse files, then when themedia agent 144 creates container files 190/191/193, it can create themas sparse files. A sparse file is type of file that may include emptyspace (e.g., a sparse file may have real data within it, such as at thebeginning of the file and/or at the end of the file, but may also haveempty space in it that is not storing actual data, such as a contiguousrange of bytes all having a value of zero). Having the container files190/191/193 be sparse files allows the media agent 144 to free up spacein the container files 190/191/193 when blocks of data in the containerfiles 190/191/193 no longer need to be stored on the storage devices. Insome examples, the media agent 144 creates a new container file190/191/193 when a container file 190/191/193 either includes 100 blocksof data or when the size of the container file 190 exceeds 50 MB. Inother examples, the media agent 144 creates a new container file190/191/193 when a container file 190/191/193 satisfies other criteria(e.g., it contains from approximately 100 to approximately 1000 blocksor when its size exceeds approximately 50 MB to 1 GB).

In some cases, a file on which a storage operation is performed maycomprise a large number of data blocks. For example, a 100 MB file maycomprise 400 data blocks of size 256 KB. If such a file is to be stored,its data blocks may span more than one container file, or even more thanone chunk folder. As another example, a database file of 20 GB maycomprise over 40,000 data blocks of size 512 KB. If such a database fileis to be stored, its data blocks will likely span multiple containerfiles, multiple chunk folders, and potentially multiple volume folders.Restoring such files may require accessing multiple container files,chunk folders, and/or volume folders to obtain the requisite datablocks.

User Community in Connection with Information Management Systems andServices

Providers of data storage solutions and services also providemaintenance and support to their customers. Some companies providecustomers with on-line portals or forums as tools for addressing productmaintenance and support issues.

According to certain aspects of the present disclosure, systems andmethods are described for providing a user community that givescustomers a vehicle for dealing with maintenance and support issues. Theuser community is provided in connection with one or more deployedinformation management systems. The user community may be an on-line,web-based portal. The user community can provide a variety ofmaintenance and/or support resources to customers, and may be hosted orotherwise operated at the control of the organization that provides theinformation management system and/or services. Such an organization maybe referred to as the “information management system provider” below forpurposes of discussion. “Customers” may refer to individuals ororganizations that use the information management system and/or servicesoffered by the information management system provider.

User Community

FIGS. 2A-2D depict illustrative graphical user interfaces relating tothe user community. FIG. 2A illustrates an exemplary home page of a userinterface for the user community. FIG. 2B illustrates an exemplarydisplay screen of the user interface showing summary informationassociated with the user profile for a particular user. FIG. 2Cillustrates an exemplary display screen of the user interface showing abreakdown of points accumulated by the user for completion ofmaintenance related activities associated with the informationmanagement system, according to one embodiment. FIG. 2D illustrates anexemplary display screen of the user interface showing a breakdown ofpoints accumulated by the user for completion of education relatedactivities associated with the information management system, accordingto one embodiment. Information management systems that may be used inconnection with the user community are shown and described with respectto FIGS. 1A-1H, 3, 3A, and 4. For instance, a user community manager 350or another component of the system 300 shown in FIG. 3 may generate theuser interface illustrated in FIGS. 2A-2D as well as other userinterfaces associated with the user community.

Although the techniques in this disclosure are described with respect toinformation management systems and information management systemproviders, these techniques can apply to other types of products and/orservices as well as other types of organizations.

The user community may provide a variety of types of resourcesincluding: product support resources (e.g., downloadable softwareupdates, documentation, etc.), incident management resources, an on-lineuser forum, a stored knowledge base (KB), product education resources,etc. For example, the forum can allow users to post about varioustopics, and the knowledge base can comprise a stored database includingarticles (e.g., user submitted articles) and other educationalinformation relating to different products and issues. Users of thecommunity can contribute articles to the knowledge base. Users may beindividuals who are associated with support and/or maintenance ofproducts and/or services offered by the information management systemprovider. For instance, a user may be an information technology (IT)administrator. Users may also be engineers who are associated withdevelopment of products and/or services offered by the informationmanagement system provider. For example, an engineer may be employed bya customer to customize products and/or services offered by theinformation management system provider.

An incident may refer to an issue to be resolved. For instance, if acustomer experiences a technical problem, the customer may report andopen an incident for the problem (e.g., via the user community), or suchreporting may cause manual or automated opening of the incident at theinformation management provider system. The support personnel at theinformation management system provider can manage and track incidents inorder to resolve technical problems experienced by customers. Forexample, the support personnel can update and refer to the status of anincident to monitor the progress of the associated issue. Incidents maybe stored in an incidents database.

One or more incidents databases can store incident records relating todifferent products offered by the information management systemprovider. Such incident records can be indexed by customer and/orindividual users, and may be accessed by the information management cellID(s) associated with a customer. Each customer may organize its systeminto one or more information management cells, which have correspondinginformation management cell IDs. Information management systems andmethods that can be used in connection with the user community areexplained in more detail above with respect to FIGS. 1A-1H, and moreparticularly below with respect to FIGS. 3, 3A, and 4. Portions of anexemplary user interface for the user community is illustrated in FIGS.2A-2D. As indicated, such a user interface may be generated and hostedby an information management system provider. For instance, referring toFIG. 3, a user community manager 350 or other appropriate component ofthe information management provider system 300 may generate such aninterface. Users of information management cells 390 deployed bycustomers of the information management system provider may have accessto the user interface via a web portal or other appropriate mechanism.In other cases, the user interface is generated locally at therespective information management cells 390.

User Profile Overview

A user of the user community can create a user profile for use withinthe community. In some embodiments, a customer (e.g., a company)designates one or more specific persons as being in a maintenance and/orsupport role (e.g., system administrator, support personnel, engineer,etc.). User profiles associated with these designated persons (and/orother users) may be created and stored. Certain aspects of the userprofile can be displayed in a user interface such as the exemplary userinterface shown in FIGS. 2A-2D.

The profile can include information associated with users and/orcustomers such as: score or ranking information (e.g., 230 b in FIG. 2B)(e.g., a number of use community points accumulated, a level or statuswithin the user community (e.g., 240 b in FIG. 2B)), a role (e.g., 250 bin FIG. 2B), type and/or quantity of information management systemeducational activities performed, type and/or quantity of informationmanagement system support- and/or maintenance-related activitiescompleted, product usage data associated with the information managementsoftware or other information management system componentry,software-related activities (e.g., completion of particular milestonesor tasks associated with software installed in an information managementcell), information relating to a type or quantity of interaction withsupport team of the information management system provider (e.g., numberand/or type of incidents opened, information relating to openedincidents), a user community profile completion progress associated withthe user (e.g., 217 a in FIG. 2A), other users who are designated asfollowers of the user (e.g., 219 a in FIG. 2A), and any otherappropriate types of information including any of those describedherein, etc. The home page or other page of the user interface can alsoinclude a recommendations section including a listing of recommendedmaterial associated with the information management system, which caninclude courses on-line or in-person courses, downloadable articles orother documentation, certifications, etc. The system may generate therecommendations based in a customized fashion based on aspects of theuser's profile, such as the user's score, role, level, or the like. Theprofile can also include information about the maintenance contract thatthe customer may have with the information management system provider(e.g., 218 a in FIG. 2A). For example, the profile may specify when thecurrent maintenance contract expires. The profile may also be associatedwith incidents related to the user (e.g., 220 a in FIG. 2A). Anexemplary display screen showing information relating to a user profileis illustrated in FIG. 2B, which will be described in detail below. Theuser interface can also provide a graphical or other indication of howthe user compares to other user's, such as other users of a similar rankand/or role. For instance, the solid portion of horizontal bar graphshown in FIG. 2B provides a graphical gauge as to the average number ofpoints for users of a similar ranking, while the vertical bar shows thenumber of points attained by the user, providing a comparison to theaverage. In the embodiment depicted in FIG. 2B, the user has accumulated72 points, which is more than the average for those of the“Intermediate” ranking. The user interface can also provide anindication as to what is required of the user to reach a next milestone,such as the next highest ranking. For instance, FIG. 2B indicates thatthe user needs to accumulate 100 points to attain an “Advanced” ranking.

In some embodiments, aspects of the user profile may be based on acombination of maintenance and/or support related activities andeducation activities of the user. Support related activities caninclude: submitting an incident survey, submitting a post to a forum,submitting a post to a forum that is selected as a solution, beingfollowed by others in forums, submitting knowledge base content,submitting knowledge base content that is published, providing feedbackregarding knowledge base content, etc. Education related activities caninclude: participating in various courses, submitting course survey,attending a live course and/or seminar, etc.

In one embodiment, the user profile can include maintenance relatedcontent (e.g., as displayed in the display screen illustrated in FIG.2C) and education related content (e.g., as displayed in the displayscreen illustrated in FIG. 2D). Points can be assigned to the user foreach category, which can be combined for a total number of points. Forexample, the user can have a number of points for maintenance relatedactivities 260 c as illustrated in FIG. 2C and a number of points foreducation related activities 270 d as illustrated in FIG. 2D. Points aredescribed in more detail below.

User Community Points

The user community may award points to a user based on the user'sactivities and/or participation in the community. Such activities and/orparticipation may include: participation in forums and/or knowledgebases, interaction with the support team of the information managementsystem provider, participation in education activities (e.g.,participating in on-line educational webinars and product series offeredby the information management system provider), etc. For example, theuser may receive a set number of points for specific activities, such aswriting forum posts and submitting knowledge base articles. Some forumposts and knowledge base articles that are recognized by the informationmanagement system provider or by other users as having particular meritcan receive more points than those that do not obtain such recognition.For instance, a forum post that is tagged as providing a solution to aparticular problem can receive 10 times the number of points for aregular forum post, and knowledge base submissions that are accepted andpublished, e.g., by the information management system provider, canreceive twice the number of points for a regular knowledge basesubmission. Other rewarded activities may include filling out surveysand participating in education-related activities. Education-relatedactivities are described in more detail below. As mentioned above, theuser's points can be associated with the user's profile.

In some embodiments, the user may be assigned a level or status based onthe number of points. For example, FIG. 2A illustrates one example ofthe level or status 210 a as follows:

-   -   Newcomer 211 a: 1-50 points    -   Journeyman 212 a: 51-100 points    -   Expert 213 a: 101-200 points    -   Ace 214 a: 201-500 points    -   Master 215 a: 501-1000 points    -   Guru 216 a: 1000 points

In certain embodiments, the users may be assigned a role as well as alevel or status. For example, a user may have a role, such as anoperator, an administrator, an engineer, etc. A level or statusassociated with the user may include basic, intermediate, advanced,expert, master, etc. The level or status can vary depending on the role.For example, an administrator may only have basic, intermediate, andadvanced levels, while an engineer may have all levels (e.g., basic,intermediate, advanced, expert, master, etc.). The number of points forreaching the next level may also vary depending on the role.

In some embodiments, the point system may be defined as indicated inTables 1-3. Table 1 shows one embodiment of a point system for definingthe role and/or level or status associated with the user. Table 2 showsone embodiment of a point system for maintenance and educationactivities. Table 3 shows one embodiment of a detailed point system foreducation activities. The point system can be based on the user'smaintenance related activities as well the user's education relatedactivities. The number of points for various categories may be combinedto obtain a total number of points for the user.

TABLE 1 An Embodiment of Point System Expertise Level and RequiredActivity Points Operator Intermediate Advanced Expert Master RoleAdministrator 15 25 n/a n/a Engineer 50 100 150 300

TABLE 2 Points Awarded for Completed Support and Education ActivitiesAnother Embodiment of Point System Activity Points Rules SupportActivities on Maintenance Advantage Submit incident close survey 2 Onefeedback survey per incident. Post to CommVault Forums 1 Post toCommVault Forums deemed 2 a solution Followed on CommVault Forums 3Points per follower. Provide Knowledgebase feedback 1 SubmitKnowledgebase content 1 Published Knowledgebase content 2 EducationActivities on Education Advantage Submit course survey 2 One feedbacksurvey per class. Attend an Ask the Educator “live” 1 Must be “live”session. webinar

In certain embodiments, the information management system may determineor generate a number of points and/or other aspects of the user'sprofile based on the user's usage of information management systemsoftware and/or other information management system components, such asany of those described in detail with respect to FIGS. 1A-1H. Measuringuser performance based on such metrics will be described in greaterdetail herein.

Education

Educational activities can include any activity that furthers a user'sunderstanding and/or skills associated with products and/or servicesprovided by the information management system provider. For example,educational activities can include live or online courses, seminars,webinars, etc. relating to products and services. Educational activitiesrecommended for a user may differ based on the role of the user. Forinstance, courses recommended for an administrator user may be differentfrom courses recommended for an engineer user. In addition, a largernumber of courses may be suggested for the engineer user. Educationalactivities recommended for a user can also differ based on the level ofthe user. For example, courses for intermediate users may be differentfrom courses for master users.

The information management system provider may provide certificationbased on the user's educational activities. Such certification can beincluded as a part of the user profile and may be shared withprospective employers at the choice of the user. For example,certification information can be included in the user's score or rankingas described below. Certification may be based on other activities inaddition to educational activities (e.g., number of incidents associatedwith the user). The users can receive points for completing certaineducational activities or courses and/or receive certification asindicated in Table 3.

TABLE 3 Education Courses and Certification An Embodiment of PointSystem for Educational Activities CommVault Type Simpana (Course/Proficiency Certifica- Points Level Course/Certification Name tion)Attained Basic Core Fundamentals ILT 12 Implementation and ILT 12Maintenance CommVault Certified Certifica- 16 Professional tionIntroduction to Simpana ® ELearning 2 Software Storage Policies -Concepts ELearning 2 and design Removable Media Management ELearning 2CommCell Administration ELearning 2 Monitoring a CommCell ® ELearning 2Environment Client Administration ELearning 2 Data Protection andRecovery ELearning 2 Intermediate Virtual Environment ELearning 4Protection - Concepts and Design Virtual Environment ELearning 4Protection - Configuration and Administration Deduplication- Conceptsand ELearning 4 Design Deduplication - Configuration ELearning 4 andAdministration Data Search at the Edge - End ELearning 4 User AccesseDiscovery Compliance Search ELearning 4 Bare Metal Restore - DesignELearning 4 and Configuration Archiving Data - Messaging ELearning 4Archiving Data - File System ELearning 4 Advanced Snapshot Technology -ELearning 6 Concepts and Design Snapshot Technology - ELearning 6Configuration and Administration Protecting the Microsoft ELearning 6Application Suite Operations Management ELearning 6 Virtual DataManagement ILT 15 Disaster Recovery - Design and ILT 15 ImplementationCommVault Certified Specialist Certifica- 15 tion Expert There are no“Expert” courses at n/a n/a this time. Master CommVault Master ArchitectILT 50 CommVault Certified Master Certifica- 50 Architect tion CommVaultDatabase Architect ILT 50 Master CommVault Certified Database Certifica-50 Architect tion

Other “Good Citizenship” Indicators

The user profile may also include information about other goodcitizenship activities and/or behavior. “Good citizenship” activitiesand/or behavior may refer to participation by a user of the communitythat provide value to the information management system provider andcustomers, such as active involvement in support operation anddevelopment and/or improvement of products. Some examples include thefollowing.

Profile Completion

The profile can include an indication as to how complete the profile is.For instance, the profile may indicate the percentage of completion.Completeness of a profile may be based on forum and/or knowledge basecontributions, knowledge base subscriptions, incident feedback,certification, etc. Profile completion can reflect a user's goodcitizenship level since it takes into account the scope of the user'scontribution to the community. Profile completion status 217 a can bedisplayed (e.g., as a percentage) in the user interface associated withthe user community, as illustrated in FIG. 2A.

Leader/Follower

The profile can also indicate the number of followers the user has andwho the followers are. A user who is followed by other users can bereferred to as “leaders.” Having followers also can reflect a user'slevel of good citizenship since the user's forum posts and/or knowledgebase submissions are noticed and recognized by other users. Followerinformation 219 a can be displayed in the user interface associated withthe user community, as illustrated in FIG. 2A.

The above examples have been provided for illustrative purposes, andgood citizenship activities can include any other appropriateparticipation by community user. Good citizenship activities can assistin the maintenance and/or support by the information management systemprovider since the community can contribute to resolving issues andcollective knowledge.

Score or Ranking

The user community may assign a score or ranking for a user based on thenumber of incidents associated with the user and based on the user'sparticipation in the user community (e.g., user's points, other goodcitizenship activities, certification, etc.). The score or ranking canprovide a useful metric to the information management provider indetermining how to most efficiently interact with that particular usergoing forward. For instance, problem users may be tagged for targetededucational efforts or other remedial action. Moreover, the score orranking can be used to incentivize the user to change their behavior. Asone example, the system can provide users with a particular score or forwhom particular issues have been identified with a list of remedialactions they can take to improve their score and/or ranking. Asindicated previously, a user that opens a fewer number of incidents isgenerally more helpful and efficient than a user that opens a largenumber of incidents. The user that opens fewer incidents can probablyhandle issues relating to the information management system withoutinvolving support of the information management system provider than theuser that opens more incidents. Therefore, the number of incidentsassociated with a user may be of interest, e.g., to the informationmanagement system provider as well as the customer.

However, a simple comparison of number of incidents may not provide aparticularly effective metric in some cases. Rather, aspects of certainembodiments provided herein include the realization that the true natureof a particular user's performance depends on a large variety ofcontextual factors. For example, the configuration of the informationmanagement system a user is managing can be highly relevant inevaluating user performance. Two users may be interacting withinformation management systems having completely different hardwareand/or software configurations, complexity, etc. In such a case, simplycounting the number of incidents opened up by each user will not providethe most useful performance metric for evaluating the two users againstone another. Accordingly, certain embodiments provided herein take suchcontextual factors into account in evaluating a particular user'sperformance.

As one example, a company having a large number of deployed informationmanagement hardware and/or software components on average will probablyhave more incidents than a company having a smaller number of deployedcomponents. Accordingly, the number of incidents may be normalized(e.g., by weighting) based on a measure that is derived from one or morecharacteristics associated with the organization that the user belongsto, including any of the following, without limitation: deployedcomputing device information (e.g., a number, type, or other parameteror characteristic of deployed servers, client computing devices, orother computers or hardware devices associated with the user's deployedinformation management system environment), deployed software componentinformation (e.g., a number, type or other parameter or characteristicassociated with installed instances of one or more data agents, mediaagents, storage managers, or other software components of the user'sdeployed information management system software environment, deployedstorage resource information such as an amount of deployed storagecapacity (e.g., number of terabytes of storage), other characteristicassociated with installed storage device(s) (e.g., storage device typeor quantity), or an amount of money spent on items associated withservices provided by the data storage service provider (e.g., on annualmaintenance renewals, etc.). In some embodiments, global averages forvarious tasks may be available to normalize scores, such as an averagecompletion time or other performance metric associated with a particulartask, for some or all users of the information management systemprovider's software. Such information may be used for the purposes ofdetermining the relative performance of a particular user as compared tothe global average. For instance, a global average may be useful intracking and/or evaluating a user's efficiency in executing certaintasks.

Good citizenship activities may also be of interest in assessing usersbecause they can reflect a user's contribution to product support and/ormaintenance. For example, a user who actively posts to the forum andwhose posts are selected as solutions probably contributes more tosupport and maintenance than a user who rarely posts to the forum. Insome embodiments, the user's score or ranking can include certificationinformation relating to the user (e.g., completion of certain coursesrelating to products or services). Such certification information may beincorporated into the user's score or ranking as a number of points,indicated separately, or otherwise reflected in the user's score orranking, etc.

Accordingly, a user's score or ranking can convey the user's skill levelas support personnel (or in another role, e.g., an engineer). A user maychoose to disclose his or her score within the user community topotential employers since the score can show that the user is aqualified candidate who has a low number of incidents and valuedcontribution to the user community. Certain details relating to scoringand ranking are provided below in connection with FIGS. 3-4.

Employer Access to Score or Ranking

An employer may look up the scores or rankings of users who choose todisclose them. For example, the employer may enter the user's name andthe employer ID to access a candidate's profile. By asking to enter anemployer ID, the user community can control access to the scores, e.g.,only for eligible employers.

The scores can be useful for hiring support personnel because they canconvey the level of expertise of an employee candidate. Also, the scorescan indicate the level of the candidate's participation in overallmaintenance and product development efforts relating to products offeredby the information management system provider. Hiring an individual whohas a high score can lead to cost savings since the individual is morelikely to open a fewer number of incidents and have a high level ofexpertise.

As explained above, in order to provide a point of comparison, the scoreand ranking may be normalized based on a variety factors, includingnumber of servers, number of terabytes, amount spent per year onmaintenance renewals, etc.

In some embodiments, the score or ranking may be provided as a totalnumber of points without further breakdown. In other embodiments, atotal number of points may be provided along with a breakdown of pointsfor each category. For example, the employer may be able to see thenumber of points for the maintenance and support related activities andthe number of points for the educational activities. In one embodiment,the employer may also access certification information relating to theuser. The certification information may be included in the total numberof points, may be provided as a separate piece of information, or may bereflected in other ways in the overall score or ranking for the user.

Discounts Based on Score or Ranking

The information management system provider may provide discounts formaintenance and support to users with high scores or rankings. Forexample, a threshold value can be set for the score to qualify fordiscounts. If a user's score exceeds the threshold value, the user maybe given discounts. Discounts may be for one product or multipleproducts offered by the information management system provider.Discounts may also be provided for support or maintenance contract.

The discounts may operate according to a set of rules, and may beautomatically and electronically initiated by the information managementsystem. The decision to grant a discount may be according to any desiredalgorithm. For instance, in some cases, the discount is based primarilyor solely on a number of incidents opened, with users/customers havingless open incidents being more likely to obtain a discount, while inother cases there is a more sophisticated weighting similar to the scoreor ranking algorithms described herein. For example, if someone has ahigh score but opens a large number of incidents, the informationmanagement system provider may not extend a discount to such user.

In this manner, the user community in connection with an informationmanagement system provider or products offered by the informationmanagement system provider can offer incentives for both employees andemployers. An employee who has a high ranking or score in the usercommunity can have increased probability of being hired by an employerand also have bargaining power in salary negotiations. For example, auser with a very high score may be sought after by employers, and theuser will be able to receive a higher salary than someone who has alower score.

From employer perspective, the user community ranking or score canprovide a measure of reliability about an employee candidate. Hiring anemployee with a high score can lead to cost savings, and hiring multipleemployees with high scores can translate to even more cost savings.

Generating a Score or Ranking for Users of Information ManagementSystems and Services

FIG. 3 is a block diagram illustrating an exemplary system 300configured to provide user community functionality for a plurality ofinformation management cells 390. For instance, the system 300 can beconfigured to generate a scores or rankings for users of the informationmanagement cells 390 and/or associated services. As illustrated, theexemplary system 300 includes a plurality of information managementcells 390, which may also be referred to as storage operation cells ordata storage cells. The exemplary system 300 can also include one ormore user community managers 350. The system 300 may further include auser community data store 352 associated with the user community manager350. The user community data store 352 can be contained within one ormore storage devices in communication with user community manager 350.

The user community manager 350 communicates with the informationmanagement cells 390 over one or more networks, which may include a WAN,LAN, SAN, some other appropriate network, or a combination thereof. Inone embodiment, the user community manager 350 communicates with each ofthe information management cells over the Internet. The user communitydata store 352 can include information relating to the user community,which can generally include any of the following types of informationwithout limitation: user/customer profile information (e.g., userscores, rankings, incident history and other user/customer behaviorinformation), management cell configuration/environment information(e.g., deployed hardware and software configuration information),incident history information, etc. The user community data store 352 maybe organized in any appropriate manner, and in one embodiment isorganized in a database having tables, records, customer, informationmanagement cell, and user. An information management cell 390 mayinclude one or more storage managers 310, one or more clients or clientcomputing devices 320, one or more information stores or primary storagedevices 330, one or more data agents 340, one or more remote operationsmanagers 355, one or more applications 360, one or more media agents370, and one or more secondary storage devices 380. The system 300 andcorresponding components of FIG. 3 may be similar to or the same as thesystem 100 and similarly named components of FIG. 1D. Moreover,depending on the embodiment, the system 300 of FIG. 3 may additionallyinclude any of the other components shown in FIG. 1D that are notspecifically shown in FIG. 3. The system 300 may include one or more ofeach component. All components of the system 300 can be in directcommunication with each other or communicate indirectly via the client320, the storage manager 310, the media agent 370, or the like. Incertain embodiments, some of the components in FIG. 3 shown as separatecomponents can reside on a single computing device, or vice versa. Forexample, the remote operations manager 355 can reside on the storagemanager 310, the media agent 370, or on a separate computing device.

The user community manager 350 may comprise software and/or hardwareconfigured to host and implement the functionality of the user communityfor the storage cells 390. In one embodiment, the user community manager350 is a software module implemented on one or more server computers.One function implemented by user community manager is generation of thescores or rankings for users of information management cells 390 and/orassociated services. In some embodiments, the user community manager 350can be located at a geographically remote site from the informationmanagement cells 390. For instance, the user community manager 350 inone embodiment is located at a site hosted by the information managementsystem provider, whereas the information management cells 390 are hostedby customers of the information management system provider. In somecases, more than one information management cell 390 may be associatedwith a single customer. In other embodiments, the user community manager350 may be located at the same site as the information management cells390. While the illustrated embodiment depicts one user community manager350 that is common to all of the information management cells 390, otherconfigurations are possible. For instance, multiple user communitymanagers 350 may be provided, such as where separate user communitymanagers 350 are associated with each information management cell 390,groups of information management cells 390, or the like, depending onthe embodiment. In certain embodiments, multiple user community managers350 may be associated with one information management cell 390. Wherethe user community manager 350 is implemented within an informationmanagement cell 390, the user community manager 350 may reside on orform a part of the storage manager 310, media agent 370, anothercomponent of the system 300, or a separate computing device, such as adedicated computing device for hosting the user community manager 350,depending on the embodiment.

The remote operations manager 355 may provide management and reportingoperations functionality described above. For example, the remoteoperations manager 355 can provide features described in U.S. Pat. No.7,343,453 and U.S. Pat. No. 8,650,445, each of which is incorporated byreference herein, and can generally provide monitoring, web reporting,and automation for the respective information management cell 390. Inone embodiment, the remote operations manager 355 can implement a secureweb service, and can monitor components of the information managementcell 390 relating to data management, access, and protection. Forexample, the remote operations manager 355 in some embodiments polls(e.g., periodically polls) the various components of the informationmanagement cell 390 to obtain configuration information relating to thedeployed environment, including information indicating the type,existence, and/or other characteristics associated with each deployedcomponents. In other embodiments, the remote operations manager 355passively receives such information, rather than actively polling thecomponents in the information management cell 390. Such components caninclude can include some or all of the following: the client computingdevices 320 and/or corresponding data agents 340, secondary storagecomputing devices and/or corresponding media agents 370, storage manager310 and/or corresponding host computer, and the secondary storagedevices 380. The remote operations manager 355 can also provide theobtained configuration information of an information management cell 390to a remote system or component, such as the user community manager 350.

FIG. 3A is a data flow diagram illustrative of the interaction betweenthe various components of the exemplary system 300. With furtherreference to FIG. 3A, the interaction between the various components ofthe exemplary information management system will now be described ingreater detail with respect to data flow steps indicated by the numberedarrows.

At data flow step 1, the user community manager 350 receives informationmanagement cell 390 configuration information from the informationmanagement cell 390. The configuration information can include varioustypes of information, such as information relating to one or more of thefollowing aspects of the deployed information management environmentassociated with the particular information management cell 390: hardwareconfiguration, software configuration, system complexity, etc. In someembodiments, the remote operations manager 355 is the entity thatcollects and/or sends the configuration information to the usercommunity manager 350. The remote operations manager 355 may sendpreviously collected data or collect data in real time at the request ofthe user community manager 350. In other embodiments, another componentof the information management cell 390 may send the configurationinformation.

Hardware configuration information may include any of the followinginformation associated with deployed hardware componentry of therespective information management cell 390: number of client computingdevices 320 (which may host one or more corresponding data agents 340and/or applications 360), number of secondary storage computing devices(which may host one or more corresponding media agents 370), number ofserver computers (which may host one or more corresponding storagemanagers 310), number of secondary storage devices 380, number ofinformation stores 330 and/or corresponding storage devices in primarystorage, amount of storage capacity (including primary and/or secondarystorage), etc. In one embodiment, the number of client computing devices320 is not a pure count of the number of physical client computingdevice 320, but is determined according to an algorithm that takes intoaccount multiple factors which can include the number of physical clientcomputing devices 320, the number of servers, the number of data agents340 in the information management cell 390, or some combination thereof.In some embodiments, a single physical client computing device 320 mayhost a number of virtual client devices and corresponding data agents340, applications 360, etc., and the number of client computing devices320 includes a count of the number of virtual client devices in additionto or instead of a count of the number of physical client computingdevices 320. In other embodiments, the number of client computingdevices 320 may only include the number of physical client computingdevices 320 in the information management cell 390.

Software configuration information may include configuration informationrelating to various types of software components deployed in therespective information management cell 390 (e.g., data agents 340, mediaagents 370, storage managers 310, etc.). For example, the softwareconfiguration information can include a number, type, or other parameteror characteristic associated with installed instances of one or morecomponents of the information management cell 390.

Providing an accurate assessment of users of a particular informationmanagement cell 390 can depend in significant part on the type ofservices that are provided by the customer associated with theinformation management cell 390. For instance, some customers may deploythe information management cell 390 to provide managed service provider(MSP) functionality, where the customer leverages the functionality ofthe information management cell 390 to provide services to third parties(e.g., cloud storage services, cloud computing services, etc.) In suchcases, the information management cell 390 may be connected over anappropriate network with computing systems of the third party, e.g.,over the Internet or other WAN or LAN. As another example, somecustomers deploy the information management cell 390 exclusivley toaddress their own data storage and other information management needs.Such customers may be referred to as “single entity” customers. In orderto track customer type, the configuration information may also includeinformation about the type of customer associated with each informationmanagement cell 390. For instance, the configuration information canidentify the customer as being a single entity, managed service provider(MSP), or other type customer. The type of entity can affect the averageexpected number of incidents opened by users of the informationmanagement cell 390. A single entity may manage all of its storagemanagement operations and can have different types of configurationswithin the organization. On the other hand, an MSP is more likely tohave similar or uniform types of configurations within the organization.Therefore, users of an MSP-type information management cell 390 maygenerally open a fewer number of tickets than users of a singleentity-type information management cell 390, either on an absolute basisor relative to the respective deployed configuration (e.g., relative tothe respective number of client computing devices 320 or other hardwareor software configuration information). In some embodiments, informationabout the type of entity may not be included in the configurationinformation, but accessible from another source. For example, the system300 may store information about the type of entity of a customer in adatabase, files, etc.

At data flow step 2, the user community manager 350 accesses incidentinformation for a user of the information management cell 390. The usercommunity manager 350 may access the incident information from the usercommunity data store 352, for example. For example, such information maybe available as a part of the user's user community profile, the user'smaintenance and/or support account, or both. Or the information may beavailable as a part of records relating to maintenance and/or support ofthe user's information management system.

The incidents can have different types or dispositions. In one example,the types of incidents can relate to and/or be flagged as relating tothe following categories: training, configuration, environment, and bug.An incident can be flagged as training-related when the incident stemsfrom the user's lack of training with a specific issue. An incident canbe flagged as configuration-related when the incident is caused by achange in the configuration of the information management cell 390(e.g., the information management cell 390 had a simple configuration,but now moved to a more complex configuration). An incident can beflagged as environment-related when the incident is caused by a changein the information management cell 390 due to other software orsolutions not provided by the information management system provider(e.g., Microsoft Windows OS Service Pack). An incident can be flagged asbug-related when the incident stems from a bug in the software orsolutions provided by the information management system. The types ofincidents may be determined automatically by the system 300 or enteredmanually, e.g., by a support personnel. Certain types of incidents maypositively affect the user's score, and other types of incidents maynegative affect the user's score. The types of incidents discussed aboveare provided as illustrative examples. The system 300 can includeadditional and/or different types of incidents as appropriate.

At data flow step 3, the user community manager 350 generates a scorefor the user. The score can be based on various aspects of the user'sactivities, such as the user's maintenance and/or support activity,participation in the user community, etc. A single score can be assignedbased on the various aspects of the user's activities. For example,different components of the score can be determined based on differentaspects of the user's activities (e.g., independently), and thencombined to generate a single score.

The component of the score relating to the user's maintenance and/orsupport activity may be based on the number of incidents opened by theuser, which can be weighted based on one or more factors. The one ormore weighting factors can be determined from or based on theconfiguration information and/or the user incident information. Forexample, some weighting factors may be determined from the informationindicated by the configuration information, and other factors may bedetermined from the information indicated by the user incidentinformation. The system 300 can determine whether to apply all factorsor a subset of factors. The weighting can be positive or negative. Insome embodiments, each factor may be weighted to derive the weightingvalue to be applied to the number of incidents, and the weighting valuefor each factor can have a different value or magnitude depending on thefactor. Factors may be considered as having positive, neutral, ornegative impact on scores, depending on the factor.

Some factors can relate to the hardware configuration of the informationmanagement cell 390. Hardware configuration related factors can be basedon any of the hardware configuration information described previouslyassociated with deployed hardware componentry of the respectiveinformation management cell 390, including, without limitation: numberof client computing devices 320 (which may host one or morecorresponding data agents 340 and/or applications 360), number ofsecondary storage computing devices (which may host one or morecorresponding media agents 370), number of server computers (which mayhost one or more corresponding storage managers 310), number ofsecondary storage devices 380, number of information stores 330 and/orcorresponding storage devices in primary storage, amount of storagecapacity (including primary and/or secondary storage), etc. Depending onthe embodiment, higher numbers of different types of components (e.g.,client computing devices 320, media agents 370, storage managers 310)may be weighted more highly or positively (e.g., to more positivelyimpact the overall score) than lower numbers of different types ofcomponents since higher numbers probably indicate a more complexarchitecture than lower numbers.

Some factors may relate to the software configuration associated withthe information management cell 390. As explained above, softwareconfiguration related factors can include configuration and/or settingsrelating to software components deployed in the information managementcell 390, including, without limitation, the data agents 320, mediaagents 370, storage managers 310, etc. (e.g., number, type, or otherparameter or characteristic associated with installed instances).Similar to the hardware configuration related factors, softwareconfiguration and/or settings that indicate higher complexity, such as ahigher number of installed instances, software indicating complexcapabilities such as parallel restore or redundant restore, or the like,can be weighted more highly or positively (more positively impact score)than software configuration and/or settings that indicate lowercomplexity.

The user community manager 350 can also use the type of an incident canalso be a factor in the weighting process. Each type may be consideredto be a separate factor. For example, incidents relating to training andincidents relating to configuration can be categorized and countedseparately. For example, a user can have 5 incidents relating totraining and 10 incidents relating to configuration. Different types ofincidents may be considered positive, neutral, or negative. For example,incidents relating to configuration or environment can be neutral,positive, or relatively less negative than other types of incidents(e.g., training-related incidents) since the causes are generally notthe user's lack of knowledge. On the other hand, incidents relating totraining tend to be negative because the user probably did not haveknowledge about an issue. Relatively less negative or neutral incidenttypes can be weighted relatively less negatively (e.g., affect onesscore relatively less negatively than relatively more negative incidenttypes. Weighting based on incident type can be performed on a moregranular level in some embodiments. For example, each incident relatingto training may be weighted differently, depending on whether anincident was the first instance of that particular type of issue, or wasinstead one of many instances of that type of issue. Or each incidentrelating to training can be weighted based on the type of issue. Forexample, if a particular user opens an incident for the same issue thatthey have already opened in the past, a more negative weighting may beassigned for that incident than for one or more of the previousinstances of the incident for that user.

Each factor can be assigned a positive or negative weight and associatedweighting value. In the example above, the 5 incidents relating totraining can be assigned a weight of −2, and the 10 incidents relatingto configuration can be assigned a weight of −1. Generally, the weightsmay be determined and assigned in a way that incentivizes behavior to berewarded by assigning higher scores for activities indicative of goodbehavior and that disincentivizes poor behavior by assigning lowerscores for activities indicative of poor behavior. While certainexamples of weightings and factors are described, any appropriatealgorithm can be used. For instance, in certain alternative embodiments,only positive weights are used, but different magnitudes are used todistinguish between positive, neutral, and negative factors. In someembodiments, fractional weights are used.

The weight to be applied to the number of incidents can be determinedbased on the weighting values for the various factors. For example, theuser community manager 350 can create one weighting value byaggregating, averaging, or otherwise combining the weighting values forthe various factors. Then, the user community manager 350 may generatethe component of the score for the number of incidents by weighting thenumber of incidents by the one combined weighting value. The usercommunity manager 350 can generate the score according to apredetermined algorithm. The algorithm may be defined such that a userwith better performance receives a higher score.

In one embodiment, the component of the score relating to the number ofincidents opened by the user can be based on the number of clientcomputing devices 320 in the information management cell 390, the typesof incidents opened by the user, and the type of entity associated withthe information management cell 390. In an illustrative example, aninformation management cell 390 has 2,000 client computing devices 320.The user opens an average of 20 incidents per month. The customerassociated with the information management cell 390 is a single entitytype of customer (e.g., not an MSP-type). The type of incidents the useropens generally relate to configuration, environment, or bug. In thiscase, the user's average number of incidents per month may be higherthan the global average number of incidents. However, the user's numberof incidents may be normalized or weighted to be lower since the userhas a complex configuration and the incidents are probably not due tothe user's lack of expertise. The weighted number of incidents may beused in generating a final score for the user that incorporates otheraspects of the user's activities. In this manner, the system 300 canprovide a frame of reference for the number of incidents opened by auser by weighting the number appropriately based on various factors.

The overall score can be generated based on not only the weighted numberof incidents, but also other types of user community-related activitiesmentioned above in this disclosure, such as knowledge base articlecontribution, educational activities, etc. Various aspects of a user'sactivity in connection with the user community may be consideredpositive, neutral, or negative, and may be assigned points accordingly.An example of generating a user's overall score is provided withreference to user activity information as indicated in the table below.A user may have the following points based on the user communityactivities as well as maintenance and support activities.

Category/Factor Count Points # of Submitted Knowledge 10 +30 BaseArticles # of Qualifying 5 +25 Educational Activities # of ClientComputing 2,000/Single N/A Devices/Entity Type (Complexity (ComplexityFactor) Factor = 0.8) # Incidents (Total) 20 −25 * 0.80 = −20 #Incidents - training- 5 −10 * 0.80 = −8  related # Incidents - 15 −15 *0.80 = −12 configuration-/environment- relatedThe user contributed 10 knowledge base articles, for which the userreceived +30 points (e.g., 3 points per knowledge base article). Theuser also completed 5 qualifying educational activities, such astraining courses, for which the user received +25 points (e.g., 5 pointsper qualifying activity). The user also opened a total of 20 incidents.The configuration/environment-related incidents can be consideredrelatively neutral or less negative incidents, and are given a weight ofonly −1 point each, whereas the training-related incidents are viewed asrelatively more negative, and weighted −2 points each. Accordingly, theuser's initial number of points for incidents may be −25 points.However, the user's information management cell 390 has 2,000 clientcomputing devices 320, which may be relatively complex, e.g., ascompared to an average information management cell complexity, and theentity type is single, which makes the configuration relatively morecomplex as well. Accordingly, the user's negative points for incidentsare weighted downwards according to an assigned complexity factor of 0.8in the illustrated example based on the number of client computingdevices 320 and the entity type. For example, the number of points forincident may be reduced to −20 instead of −25. The user's resultingoverall points then would be +35. This example is provided forillustrative purposes only, and the overall score can be generatedaccording to any appropriate algorithm or formula.

FIG. 4 is flow diagram illustrative of one embodiment of a routine 400for generating a score or ranking for users of information managementsystems and services. The routine 400 is described with respect to thesystem 300 of FIGS. 3 and 3A. However, one or more of the steps ofroutine 400 may be implemented by other information management systems,such as those described in greater detail above with reference to FIG.1D. The routine 400 can be implemented by any one, or a combination of,a client, a storage manager, a data agent, a user community manager, amedia agent, and the like. Moreover, further details regarding certainaspects of at least some of steps of the routine 400 are described ingreater detail above with reference to FIGS. 3 and 3A. Althoughdescribed in relation to backup operations for the purposes ofillustration, the process of FIG. 4 can be compatible with other typesof storage operations, such as, for example, archiving, migration,snapshots, replication operations, and the like.

At block 401, the user community manager 350 obtains configurationinformation of an information management cell 390. The configurationinformation can include information relating to one or more of: hardwareconfiguration and software configuration.

At block 402, the user community manager 350 accesses incidentinformation for a user of the information management cell 390. Theaccessed incident information can be from an account associated with theuser, such as the user's user community account or the user'smaintenance and/or support account. In some embodiments, the usercommunity manager 350 more broadly accesses information associated withthe user, rather than the incident information specifically. Forexample, the accessed information can be information associated with theuser's account. In certain embodiments, the accessed information caninclude training history associated with the user. The accessedinformation can also include user participation in the user community.

At block 403, the user community manager 350 determines one or morefactors indicated by the configuration information or the accessedinformation. The one or more factors can include one or more of: anumber of client computing devices in the information management cell, anumber of secondary storage computing devices in the informationmanagement cell, a number of storage managers in the informationmanagement cell, a number of storage devices in the informationmanagement cell, an amount of secondary storage capacity in theinformation management cell, a type of an incident, and a variation ofconfiguration within the information management cell. The type of anincident can relate to one or more of: training, configuration,environment, or bug.

At block 404, the user community manager 350 weights the number ofincidents based on the one or more factors, according to a predeterminedalgorithm.

At block 405, the user community manager 350 generates a score for theuser based at least in part on the weighted number of incidents. In someembodiments, the score can be generated based at least in part on thetraining history of the user, the user participation in the usercommunity, etc. In certain embodiments, the user community manager 350may also generate a customized training recommendation(s) for the user,such as courses, knowledge base articles, etc. The user communitymanager 350 can also generate personalized notifications relating tomaintenance and/or support activities, such as a reminder to perform abackup operation if a backup has not occurred within a specific periodof time. Reminders can be sent for various types of secondary storageoperations.

The routine 400 can include fewer, more, or different blocks than thoseillustrated in FIG. 4 without departing from the spirit and scope of thedescription. Moreover, it will be appreciated by those skilled in theart and others that some or all of the functions described in thisdisclosure may be embodied in software executed by one or moreprocessors of the disclosed components and mobile communication devices.The software may be persistently stored in any type of non-volatilestorage.

Terminology

Conditional language, such as, among others, “can,” “could,” “might,” or“may,” unless specifically stated otherwise, or otherwise understoodwithin the context as used, is generally intended to convey that certainembodiments include, while other embodiments do not include, certainfeatures, elements and/or steps. Thus, such conditional language is notgenerally intended to imply that features, elements and/or steps are inany way required for one or more embodiments or that one or moreembodiments necessarily include logic for deciding, with or without userinput or prompting, whether these features, elements and/or steps areincluded or are to be performed in any particular embodiment.

Unless the context clearly requires otherwise, throughout thedescription and the claims, the words “comprise,” “comprising,” and thelike are to be construed in an inclusive sense, as opposed to anexclusive or exhaustive sense; that is to say, in the sense of“including, but not limited to.” As used herein, the terms “connected,”“coupled,” or any variant thereof means any connection or coupling,either direct or indirect, between two or more elements; the coupling orconnection between the elements can be physical, logical, or acombination thereof. Additionally, the words “herein,” “above,” “below,”and words of similar import, when used in this application, refer tothis application as a whole and not to any particular portions of thisapplication. Where the context permits, words in the above DetailedDescription using the singular or plural number may also include theplural or singular number respectively. The word “or” in reference to alist of two or more items, covers all of the following interpretationsof the word: any one of the items in the list, all of the items in thelist, and any combination of the items in the list. Likewise the term“and/or” in reference to a list of two or more items, covers all of thefollowing interpretations of the word: any one of the items in the list,all of the items in the list, and any combination of the items in thelist.

Depending on the embodiment, certain operations, acts, events, orfunctions of any of the algorithms described herein can be performed ina different sequence, can be added, merged, or left out altogether(e.g., not all are necessary for the practice of the algorithms).Moreover, in certain embodiments, operations, acts, functions, or eventscan be performed concurrently, e.g., through multi-threaded processing,interrupt processing, or multiple processors or processor cores or onother parallel architectures, rather than sequentially.

Systems and modules described herein may comprise software, firmware,hardware, or any combination(s) of software, firmware, or hardwaresuitable for the purposes described herein. Software and other modulesmay reside and execute on servers, workstations, personal computers,computerized tablets, PDAs, and other computing devices suitable for thepurposes described herein. Software and other modules may be accessiblevia local memory, via a network, via a browser, or via other meanssuitable for the purposes described herein. Data structures describedherein may comprise computer files, variables, programming arrays,programming structures, or any electronic information storage schemes ormethods, or any combinations thereof, suitable for the purposesdescribed herein. User interface elements described herein may compriseelements from graphical user interfaces, interactive voice response,command line interfaces, and other suitable interfaces.

Further, the processing of the various components of the illustratedsystems can be distributed across multiple machines, networks, and othercomputing resources. In addition, two or more components of a system canbe combined into fewer components. Various components of the illustratedsystems can be implemented in one or more virtual machines, rather thanin dedicated computer hardware systems and/or computing devices.Likewise, the data repositories shown can represent physical and/orlogical data storage, including, for example, storage area networks orother distributed storage systems. Moreover, in some embodiments theconnections between the components shown represent possible paths ofdata flow, rather than actual connections between hardware. While someexamples of possible connections are shown, any of the subset of thecomponents shown can communicate with any other subset of components invarious implementations.

Embodiments are also described above with reference to flow chartillustrations and/or block diagrams of methods, apparatus (systems) andcomputer program products. Each block of the flow chart illustrationsand/or block diagrams, and combinations of blocks in the flow chartillustrations and/or block diagrams, may be implemented by computerprogram instructions. Such instructions may be provided to a processorof a general purpose computer, special purpose computer,specially-equipped computer (e.g., comprising a high-performancedatabase server, a graphics subsystem, etc.) or other programmable dataprocessing apparatus to produce a machine, such that the instructions,which execute via the processor(s) of the computer or other programmabledata processing apparatus, create means for implementing the actsspecified in the flow chart and/or block diagram block or blocks.

These computer program instructions may also be stored in anon-transitory computer-readable memory that can direct a computer orother programmable data processing apparatus to operate in a particularmanner, such that the instructions stored in the computer-readablememory produce an article of manufacture including instruction meanswhich implement the acts specified in the flow chart and/or blockdiagram block or blocks. The computer program instructions may also beloaded onto a computing device or other programmable data processingapparatus to cause a series of operations to be performed on thecomputing device or other programmable apparatus to produce a computerimplemented process such that the instructions which execute on thecomputer or other programmable apparatus provide steps for implementingthe acts specified in the flow chart and/or block diagram block orblocks.

Any patents and applications and other references noted above, includingany that may be listed in accompanying filing papers, are incorporatedherein by reference. Aspects of the invention can be modified, ifnecessary, to employ the systems, functions, and concepts of the variousreferences described above to provide yet further implementations of theinvention.

These and other changes can be made to the invention in light of theabove Detailed Description. While the above description describescertain examples of the invention, and describes the best modecontemplated, no matter how detailed the above appears in text, theinvention can be practiced in many ways. Details of the system may varyconsiderably in its specific implementation, while still beingencompassed by the invention disclosed herein. As noted above,particular terminology used when describing certain features or aspectsof the invention should not be taken to imply that the terminology isbeing redefined herein to be restricted to any specific characteristics,features, or aspects of the invention with which that terminology isassociated. In general, the terms used in the following claims shouldnot be construed to limit the invention to the specific examplesdisclosed in the specification, unless the above Detailed Descriptionsection explicitly defines such terms. Accordingly, the actual scope ofthe invention encompasses not only the disclosed examples, but also allequivalent ways of practicing or implementing the invention under theclaims.

To reduce the number of claims, certain aspects of the invention arepresented below in certain claim forms, but the applicant contemplatesthe various aspects of the invention in any number of claim forms. Forexample, while only one aspect of the invention is recited as ameans-plus-function claim under 35 U.S.C sec. 112(f) (AIA), otheraspects may likewise be embodied as a means-plus-function claim, or inother forms, such as being embodied in a computer-readable medium. Anyclaims intended to be treated under 35 U.S.C. §112(f) will begin withthe words “means for”, but use of the term “for” in any other context isnot intended to invoke treatment under 35 U.S.C. §112(f). Accordingly,the applicant reserves the right to pursue additional claims afterfiling this application, in either this application or in a continuingapplication.

What is claimed is:
 1. A method of assessing users of a data storagesystem, the method comprising: receiving, with a first computing deviceof a data storage system provider, configuration information relating toa deployed configuration of a first data storage cell of a plurality ofdata storage cells and including one or more of: (1) a number ofinstalled data storage hardware components and (2) a number of installeddata storage software components, the plurality of data storage cellseach located remotely from the first computing device, comprising aplurality of client computing devices, and being configured to createand store one or more secondary copies of primary data generated by theplurality of client computing devices; receiving information relating toan incident opened by a user of the first data storage cell, theincident corresponding to an instance where resources of the datastorage system provider were expended in an attempt to resolve an issuereported by the user associated with operation of the data storage cell;with the first computing device, updating a performance metricassociated with the user from an initial value to a new value to reflecta negative impact on the performance metric resulting from the openingof the incident by the user, the initial value of the performance metricbased at least in part on one or more previous incidents opened by theuser, wherein the degree of the negative impact is based at least inpart on the configuration information; and storing the updatedperformance metric in electronic storage.
 2. The method of claim 1,wherein the performance metric comprises one or more of a score orranking.
 3. The method of claim 1, further comprising providing agraphical user interface including a graphical depiction of theperformance metric.
 4. The method of claim 1, wherein the configurationinformation comprises a number of client computing devices in the datastorage cell.
 5. The method of claim 1, wherein the degree of negativeimpact is at least in part based on a type of the incident.
 6. Themethod of claim 5, wherein the type of incident is one or more of:training, configuration, environment, or bug.
 7. The method of claim 1,further comprising: receiving an indication that the user has completeda training-related task associated with operation of data storagesoftware or hardware deployed in the first data storage cell, andwherein said updating the performance metric further comprises updatingthe performance metric to reflect a positive impact on the performancemetric resulting from the completion of the training-related task. 8.The method of claim 1, further comprising: receiving information relatedto performance of activities related to participation of the user in auser community formed by users of the plurality of data storage cells,and wherein said updating the performance metric further comprisesupdating the performance metric to reflect a positive impact on theperformance metric resulting from the performance of the activities. 9.The method of claim 1, further comprising: reviewing a stored userprofile associated with the user; and based on said reviewing,generating a customized list of at least one recommended task for theuser to perform, the task involving the use of data storage softwareinstalled in the first data storage cell.
 10. A system, comprising: aplurality of data storage cells, each of the plurality of data storagecells comprising a plurality of client computing devices and configuredto create and store one or more secondary copies of primary datagenerated by the plurality of client computing devices; a firstcomputing device of a data storage system provider, the first computingdevice comprising computer hardware and located remotely from and incommunication with the plurality of data storage cells, the firstcomputing device configured to: receive configuration informationrelating to a deployed configuration of a first data storage cell of theplurality of data storage cells, the configuration information includingone or more of: (1) a number of installed data storage hardwarecomponents in the first data storage cell and (2) a number of installeddata storage software components in the first data storage cell; receiveinformation relating to an incident opened by a user of the first datastorage cell, the incident corresponding to an instance where resourcesof the data storage system provider were expended in an attempt toresolve an issue reported by the user associated with operation of thedata storage cell; update a performance metric associated with the userfrom an initial value to a new value to reflect a negative impact on theperformance metric resulting from the opening of the incident by theuser, the initial value of the performance metric based on one or moreprevious incidents opened by the user; wherein the degree of thenegative impact is based at least in part on the configurationinformation; and store the updated performance metric in electronicstorage.
 11. The system of claim 10, wherein the performance metriccomprises one or more of a score or ranking.
 12. The system of claim 10,wherein the first computing device is further configured to provide agraphical user interface including a graphical depiction of theperformance metric.
 13. The system of claim 10, wherein theconfiguration information comprises a number of client computing devicesin the data storage cell.
 14. The system of claim 10, wherein the degreeof negative impact is at least in part based on a type of the incident.15. The system of claim 14, wherein the type of incident is one or moreof: training, configuration, environment, or bug.
 16. The system ofclaim 10, wherein the first computing device is further configured to:receive an indication that the user has completed a training-relatedtask associated with operation of data storage software or hardwaredeployed in the first data storage cell; and further update theperformance metric to reflect a positive impact on the performancemetric resulting from the completion of the training-related task. 17.The system of claim 10, wherein the first computing device is furtherconfigured to: receive information related to performance of activitiesrelated to participation of the user in a user community formed by usersof the plurality of data storage cells; and further update theperformance metric to reflect a positive impact on the performancemetric resulting from the performance of the activities.
 18. The systemof claim 10, wherein the first computing device is further configuredto: review a stored user profile associated with the user; and based onthe review, generate a customized list of at least one recommended taskfor the user to perform, the task involving the use of data storagesoftware installed in the first data storage cell.